Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2021-0512
Vulnerability from cvelistv5
Published
2021-06-21 16:01
Modified
2024-08-03 15:40
Severity ?
EPSS score ?
Summary
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
References
▼ | URL | Tags | |
---|---|---|---|
security@android.com | https://source.android.com/security/bulletin/2021-06-01 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://source.android.com/security/bulletin/2021-06-01 | Patch, Vendor Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T15:40:01.188Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://source.android.com/security/bulletin/2021-06-01" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Android kernel" } ] } ], "descriptions": [ { "lang": "en", "value": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel" } ], "problemTypes": [ { "descriptions": [ { "description": "Elevation of privilege", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-06-21T16:01:27", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://source.android.com/security/bulletin/2021-06-01" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2021-0512", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2021-06-01", "refsource": "MISC", "url": "https://source.android.com/security/bulletin/2021-06-01" } ] } } } }, "cveMetadata": { "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2021-0512", "datePublished": "2021-06-21T16:01:27", "dateReserved": "2020-11-06T00:00:00", "dateUpdated": "2024-08-03T15:40:01.188Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2021-0512\",\"sourceIdentifier\":\"security@android.com\",\"published\":\"2021-06-21T17:15:08.477\",\"lastModified\":\"2024-11-21T05:42:50.610\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel\"},{\"lang\":\"es\",\"value\":\"En la funci\u00f3n __hidinput_change_resolution_multipliers del archivo hid-input.c, se presenta una posible escritura fuera de l\u00edmites debido a un desbordamiento del b\u00fafer de la pila. Esto podr\u00eda conllevar a una escalada de privilegios local sin ser necesarios privilegios de ejecuci\u00f3n adicionales. No es requerida una interacci\u00f3n del usuario para su explotaci\u00f3n. Producto: Android, Versiones: Android kernel, ID de Android: A-173843328, Referencias: Kernel ascendente\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}]}]}],\"references\":[{\"url\":\"https://source.android.com/security/bulletin/2021-06-01\",\"source\":\"security@android.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://source.android.com/security/bulletin/2021-06-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}" } }
ghsa-x4h3-hq3r-rqx8
Vulnerability from github
Published
2022-05-24 19:05
Modified
2022-05-24 19:05
Details
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
{ "affected": [], "aliases": [ "CVE-2021-0512" ], "database_specific": { "cwe_ids": [ "CWE-787" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2021-06-21T17:15:00Z", "severity": "HIGH" }, "details": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel", "id": "GHSA-x4h3-hq3r-rqx8", "modified": "2022-05-24T19:05:44Z", "published": "2022-05-24T19:05:44Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512" }, { "type": "WEB", "url": "https://source.android.com/security/bulletin/2021-06-01" } ], "schema_version": "1.4.0", "severity": [] }
rhsa-2021_4088
Vulnerability from csaf_redhat
Published
2021-11-02 09:58
Modified
2024-11-15 10:40
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)
* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)
* kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* kernel-rt: update RT source tree to the RHEL-8.4.z source tree (BZ#2004117)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)\n\n* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)\n\n* kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* kernel-rt: update RT source tree to the RHEL-8.4.z source tree (BZ#2004117)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:4088", "url": "https://access.redhat.com/errata/RHSA-2021:4088" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1974319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974319" }, { "category": "external", "summary": "1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "1983988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983988" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4088.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-11-15T10:40:14+00:00", "generator": { "date": "2024-11-15T10:40:14+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:4088", "initial_release_date": "2021-11-02T09:58:04+00:00", "revision_history": [ { "date": "2021-11-02T09:58:04+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-11-02T09:58:04+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T10:40:14+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product": { "name": "Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time (v. 8)", "product": { "name": "Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::realtime" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "product": { "name": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "product_id": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.25.1.rt7.97.el8_4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-305.25.1.rt7.97.el8_4?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src" }, "product_reference": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV (v. 8)", "product_id": "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "NFV-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src" }, "product_reference": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64 as a component of Red Hat Enterprise Linux Real Time (v. 8)", "product_id": "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "relates_to_product_reference": "RT-8.4.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-36385", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2021-06-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974319" } ], "notes": [ { "category": "description", "text": "An issue was discovered in the Linux kernels Userspace Connection Manager Access for RDMA. This could allow a local attacker to crash the system, corrupt memory or escalate privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-36385" }, { "category": "external", "summary": "RHBZ#1974319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974319" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-36385", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36385" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36385", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36385" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-02T09:58:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4088" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free" }, { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974491" } ], "notes": [ { "category": "description", "text": "A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c", "title": "Vulnerability summary" }, { "category": "other", "text": "For Red Hat Enterprise Linux 7 only out of bounds memory read possible instead of write and no code that depends on this memory read, so considering the impact Moderate instead of Important. Both this has very low chances of being exploited in the wild: attacker either need to physically plug a malicious device in a USB port or attacker would have to use uhid or any other virtual USB implementation, meaning that likely already have root access be able to trigger that.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-0512" }, { "category": "external", "summary": "RHBZ#1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-0512", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0512" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512" }, { "category": "external", "summary": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/", "url": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-02T09:58:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4088" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c" }, { "acknowledgments": [ { "names": [ "Maxim Levitsky", "Paolo Bonzini" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2021-3656", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2021-07-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1983988" } ], "notes": [ { "category": "description", "text": "A flaw was found in the KVM\u0027s AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"virt_ext\" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)", "title": "Vulnerability summary" }, { "category": "other", "text": "The nested virtualization feature is not enabled by default up to Red Hat Enterprise Linux 8.4. Most importantly, Red Hat currently provides nested virtualization only as a Technology Preview, and is therefore unsupported for production use. For additional details please see https://access.redhat.com/solutions/21101 and https://access.redhat.com/support/offerings/techpreview.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3656" }, { "category": "external", "summary": "RHBZ#1983988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983988" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3656", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3656" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3656", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3656" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/08/16/1", "url": "https://www.openwall.com/lists/oss-security/2021/08/16/1" } ], "release_date": "2021-08-16T12:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-02T09:58:04+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4088" }, { "category": "workaround", "details": "This vulnerability can be mitigated by disabling the nested virtualization feature:\n```\n# modprobe -r kvm_amd\n# modprobe kvm_amd nested=0\n```\n\nDisabling VLS (Virtual VMLOAD/VMSAVE) is an alternative mitigation:\n```\n# modprobe kvm_amd vls=0\n```", "product_ids": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "NFV-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.src", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-core-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debug-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-devel-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-kvm-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64", "RT-8.4.0.Z.MAIN.EUS:kernel-rt-modules-extra-0:4.18.0-305.25.1.rt7.97.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)" } ] }
rhsa-2021_4122
Vulnerability from csaf_redhat
Published
2021-11-03 19:36
Modified
2024-11-15 09:42
Summary
Red Hat Security Advisory: kpatch-patch security update
Notes
Topic
An update is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
* kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free
(CVE-2020-36385)
* kernel: out-of-bounds write due to a heap buffer overflow in
__hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.\n\nSecurity Fix(es):\n\n* kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free\n(CVE-2020-36385)\n\n* kernel: out-of-bounds write due to a heap buffer overflow in\n__hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:4122", "url": "https://access.redhat.com/errata/RHSA-2021:4122" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1974319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974319" }, { "category": "external", "summary": "1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4122.json" } ], "title": "Red Hat Security Advisory: kpatch-patch security update", "tracking": { "current_release_date": "2024-11-15T09:42:35+00:00", "generator": { "date": "2024-11-15T09:42:35+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:4122", "initial_release_date": "2021-11-03T19:36:15+00:00", "revision_history": [ { "date": "2021-11-03T19:36:15+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-11-03T19:36:15+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T09:42:35+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kpatch-patch-4_18_0-305-0:1-6.el8.src", "product": { "name": "kpatch-patch-4_18_0-305-0:1-6.el8.src", "product_id": "kpatch-patch-4_18_0-305-0:1-6.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305@1-6.el8?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "product": { "name": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "product_id": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_3_1@1-5.el8_4?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "product": { "name": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "product_id": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_7_1@1-4.el8_4?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "product": { "name": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "product_id": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_10_2@1-3.el8_4?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "product": { "name": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "product_id": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_12_1@1-2.el8_4?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "product": { "name": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "product_id": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_17_1@1-1.el8_4?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "product": { "name": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "product_id": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_19_1@1-1.el8_4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "product_id": "kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305@1-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "product_id": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305-debugsource@1-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "product_id": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305-debuginfo@1-6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_3_1@1-5.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_3_1-debugsource@1-5.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_3_1-debuginfo@1-5.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_7_1@1-4.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_7_1-debugsource@1-4.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_7_1-debuginfo@1-4.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_10_2@1-3.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_10_2-debugsource@1-3.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_10_2-debuginfo@1-3.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_12_1@1-2.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_12_1-debugsource@1-2.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_12_1-debuginfo@1-2.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_17_1@1-1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_17_1-debugsource@1-1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_17_1-debuginfo@1-1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_19_1@1-1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_19_1-debugsource@1-1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "product": { "name": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "product_id": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_19_1-debuginfo@1-1.el8_4?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "product": { "name": "kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "product_id": "kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305@1-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "product": { "name": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "product_id": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305-debugsource@1-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "product": { "name": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "product_id": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305-debuginfo@1-6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_3_1@1-5.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_3_1-debugsource@1-5.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_3_1-debuginfo@1-5.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_7_1@1-4.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_7_1-debugsource@1-4.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_7_1-debuginfo@1-4.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_10_2@1-3.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_10_2-debugsource@1-3.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_10_2-debuginfo@1-3.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_12_1@1-2.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_12_1-debugsource@1-2.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_12_1-debuginfo@1-2.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_17_1@1-1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_17_1-debugsource@1-1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_17_1-debuginfo@1-1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_19_1@1-1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_19_1-debugsource@1-1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "product": { "name": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "product_id": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-305_19_1-debuginfo@1-1.el8_4?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305-0:1-6.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.src" }, "product_reference": "kpatch-patch-4_18_0-305-0:1-6.el8.src", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305-0:1-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src" }, "product_reference": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src" }, "product_reference": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src" }, "product_reference": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src" }, "product_reference": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src" }, "product_reference": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src" }, "product_reference": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64" }, "product_reference": "kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-36385", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2021-06-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974319" } ], "notes": [ { "category": "description", "text": "An issue was discovered in the Linux kernels Userspace Connection Manager Access for RDMA. This could allow a local attacker to crash the system, corrupt memory or escalate privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-36385" }, { "category": "external", "summary": "RHBZ#1974319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974319" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-36385", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36385" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36385", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36385" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-03T19:36:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4122" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free" }, { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974491" } ], "notes": [ { "category": "description", "text": "A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c", "title": "Vulnerability summary" }, { "category": "other", "text": "For Red Hat Enterprise Linux 7 only out of bounds memory read possible instead of write and no code that depends on this memory read, so considering the impact Moderate instead of Important. Both this has very low chances of being exploited in the wild: attacker either need to physically plug a malicious device in a USB port or attacker would have to use uhid or any other virtual USB implementation, meaning that likely already have root access be able to trigger that.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-0512" }, { "category": "external", "summary": "RHBZ#1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-0512", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0512" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512" }, { "category": "external", "summary": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/", "url": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-03T19:36:15+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4122" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debuginfo-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305-debugsource-0:1-6.el8.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debuginfo-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_10_2-debugsource-0:1-3.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debuginfo-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_12_1-debugsource-0:1-2.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_17_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debuginfo-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_19_1-debugsource-0:1-1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debuginfo-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_3_1-debugsource-0:1-5.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debuginfo-0:1-4.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kpatch-patch-4_18_0-305_7_1-debugsource-0:1-4.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c" } ] }
rhsa-2021_4750
Vulnerability from csaf_redhat
Published
2021-11-19 19:24
Modified
2024-11-22 17:29
Summary
Red Hat Security Advisory: Red Hat Virtualization Host security and bug fix update [ovirt-4.4.9] 0-day
Notes
Topic
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks.
Security Fix(es):
* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)
* Ansible: ansible-connection module discloses sensitive info in traceback error message (CVE-2021-3620)
* kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)
* libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL (CVE-2020-16135)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Red Hat Virtualization Host now includes packages from Red Hat Enterprise Linux 8.5. (BZ#1958101)
* Red Hat Virtualization Host now includes packages from RHGS-3.5.z on RHEL-8 Batch #5. (BZ#1975175)
* Red Hat Virtualization Host now includes the packages needed for using Managed Block Devices via cinderlib. (BZ#1983021)
* Red Hat Virtualization Host now includes openvswitch related packages from Fast Data Path 21.G release. (BZ#1998104)
* Previously it was not possible to upgrade RHVH to version 4.4.8 when custom VDSM hooks were installed on RHVH. This was caused by the VDSM hooks dependency on the concrete version of VDSM. The current release allows users to maintain the VDSM dependency manually. In other words, if you want to upgrade from VDSM X.Y.Z to version A.B.C, you must upgrade all VDSM hooks to the same A.B.C version. (BZ#2004469)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts (RHVH) are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host\u0027s resources and performing administrative tasks.\n\nSecurity Fix(es):\n\n* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)\n\n* Ansible: ansible-connection module discloses sensitive info in traceback error message (CVE-2021-3620)\n\n* kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\n* libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL (CVE-2020-16135)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Red Hat Virtualization Host now includes packages from Red Hat Enterprise Linux 8.5. (BZ#1958101)\n\n* Red Hat Virtualization Host now includes packages from RHGS-3.5.z on RHEL-8 Batch #5. (BZ#1975175)\n\n* Red Hat Virtualization Host now includes the packages needed for using Managed Block Devices via cinderlib. (BZ#1983021)\n\n* Red Hat Virtualization Host now includes openvswitch related packages from Fast Data Path 21.G release. (BZ#1998104)\n\n* Previously it was not possible to upgrade RHVH to version 4.4.8 when custom VDSM hooks were installed on RHVH. This was caused by the VDSM hooks dependency on the concrete version of VDSM. The current release allows users to maintain the VDSM dependency manually. In other words, if you want to upgrade from VDSM X.Y.Z to version A.B.C, you must upgrade all VDSM hooks to the same A.B.C version. (BZ#2004469)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:4750", "url": "https://access.redhat.com/errata/RHSA-2021:4750" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1862456", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862456" }, { "category": "external", "summary": "1953685", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1953685" }, { "category": "external", "summary": "1958101", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958101" }, { "category": "external", "summary": "1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "1975175", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975175" }, { "category": "external", "summary": "1975767", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975767" }, { "category": "external", "summary": "1983021", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983021" }, { "category": "external", "summary": "1998104", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1998104" }, { "category": "external", "summary": "2004469", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2004469" }, { "category": "external", "summary": "2020362", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020362" }, { "category": "external", "summary": "2024360", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024360" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4750.json" } ], "title": "Red Hat Security Advisory: Red Hat Virtualization Host security and bug fix update [ovirt-4.4.9] 0-day", "tracking": { "current_release_date": "2024-11-22T17:29:10+00:00", "generator": { "date": "2024-11-22T17:29:10+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:4750", "initial_release_date": "2021-11-19T19:24:53+00:00", "revision_history": [ { "date": "2021-11-19T19:24:53+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-11-19T19:24:53+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T17:29:10+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product": { "name": "RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8" } } }, { "category": "product_name", "name": "Red Hat Virtualization 4 Hypervisor for RHEL 8", "product": { "name": "Red Hat Virtualization 4 Hypervisor for RHEL 8", "product_id": "8Base-RHV-Hypervisor-4", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhev_hypervisor:4.4::el8" } } } ], "category": "product_family", "name": "Red Hat Virtualization" }, { "branches": [ { "category": "product_version", "name": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "product": { "name": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "product_id": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.9-2.el8ev?arch=src" } } }, { "category": "product_version", "name": "redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "product": { "name": "redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "product_id": "redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-virtualization-host@4.4.9-202111172338_8.5?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "product": { "name": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "product_id": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-release-virtualization-host@4.4.9-2.el8ev?arch=x86_64" } } }, { "category": "product_version", "name": "redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "product": { "name": "redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "product_id": "redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-release-virtualization-host-content@4.4.9-2.el8ev?arch=x86_64" } } }, { "category": "product_version", "name": "redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64", "product": { "name": "redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64", "product_id": "redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update@4.4.9-202111172338_8.5?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch", "product": { "name": "redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch", "product_id": "redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/redhat-virtualization-host-image-update-placeholder@4.4.9-2.el8ev?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-0:4.4.9-202111172338_8.5.src as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", "product_id": "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src" }, "product_reference": "redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "relates_to_product_reference": "8Base-RHV-Hypervisor-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64 as a component of Red Hat Virtualization 4 Hypervisor for RHEL 8", "product_id": "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" }, "product_reference": "redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64", "relates_to_product_reference": "8Base-RHV-Hypervisor-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.src as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src" }, "product_reference": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "relates_to_product_reference": "8Base-RHV-HypervisorBuild-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64 as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64" }, "product_reference": "redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "relates_to_product_reference": "8Base-RHV-HypervisorBuild-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64 as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64" }, "product_reference": "redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "relates_to_product_reference": "8Base-RHV-HypervisorBuild-4" }, { "category": "default_component_of", "full_product_name": { "name": "redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch as a component of RHEL 8-based RHEV-H for RHEV 4 (build requirements)", "product_id": "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" }, "product_reference": "redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch", "relates_to_product_reference": "8Base-RHV-HypervisorBuild-4" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-16135", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "discovery_date": "2020-07-30T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1862456" } ], "notes": [ { "category": "description", "text": "A flaw was found in libssh. A NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.", "title": "Vulnerability description" }, { "category": "summary", "text": "libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL", "title": "Vulnerability summary" }, { "category": "other", "text": "libssh2 as shipped with Red Hat Enterprise Linux 6, 7, and 8 are NOT affected by this flaw; libssh2 and libssh are different codebases and libssh2 does not contain the vulnerable code. Red Hat Product Security has set the impact of this flaw to Low because there is no demonstrated way for an attacker to reliably force a NULL pointer dereference via a code path in the affected libssh code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ], "known_not_affected": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-16135" }, { "category": "external", "summary": "RHBZ#1862456", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862456" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-16135", "url": "https://www.cve.org/CVERecord?id=CVE-2020-16135" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16135", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16135" }, { "category": "external", "summary": "https://bugs.gentoo.org/734624", "url": "https://bugs.gentoo.org/734624" } ], "release_date": "2020-07-30T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-19T19:24:53+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4750" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL" }, { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-06-21T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974491" } ], "notes": [ { "category": "description", "text": "A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c", "title": "Vulnerability summary" }, { "category": "other", "text": "For Red Hat Enterprise Linux 7 only out of bounds memory read possible instead of write and no code that depends on this memory read, so considering the impact Moderate instead of Important. Both this has very low chances of being exploited in the wild: attacker either need to physically plug a malicious device in a USB port or attacker would have to use uhid or any other virtual USB implementation, meaning that likely already have root access be able to trigger that.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ], "known_not_affected": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-0512" }, { "category": "external", "summary": "RHBZ#1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-0512", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0512" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512" }, { "category": "external", "summary": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/", "url": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-19T19:24:53+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4750" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c" }, { "acknowledgments": [ { "names": [ "Dalton Rardin" ] } ], "cve": "CVE-2021-3620", "cwe": { "id": "CWE-209", "name": "Generation of Error Message Containing Sensitive Information" }, "discovery_date": "2021-06-09T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1975767" } ], "notes": [ { "category": "description", "text": "A flaw was found in Ansible Engine\u0027s ansible-connection module, where sensitive information such as the Ansible user credentials is disclosed by default in the traceback error message. The highest threat from this vulnerability is to confidentiality.", "title": "Vulnerability description" }, { "category": "summary", "text": "Ansible: ansible-connection module discloses sensitive info in traceback error message", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Gluster Storage 3 no longer maintains its own version of Ansible. The prerequisite is to enable the Ansible repository in order to consume the latest version of Ansible, which has many bug and security fixes.\n\nRed Hat Ceph Storage 2 only provides fixes for bugs on an as-requested basis by a customer, and will not be fixed after discussion with engineering about the viability of a fix. Red Hat Ceph Storage 3 does not directly ship ansible, and thus is closed as won\u0027t fix.\n\nRed Hat Virtualization ships an affected version of ansible, however, the usage of ansible on the redhat-virtualization-host is only supported for self-hosted-engine installation and disaster recovery, where it is run locally. As such Impact is rated Moderate.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ], "known_not_affected": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3620" }, { "category": "external", "summary": "RHBZ#1975767", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1975767" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3620", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3620" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3620", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3620" } ], "release_date": "2021-06-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-19T19:24:53+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4750" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "Ansible: ansible-connection module discloses sensitive info in traceback error message" }, { "cve": "CVE-2021-43267", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2021-11-02T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2020362" } ], "notes": [ { "category": "description", "text": "A flaw was discovered in the cryptographic receive code in the Linux kernel\u0027s implementation of transparent interprocess communication. An attacker, with the ability to send TIPC messages to the target, can corrupt memory and escalate privileges on the target system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type", "title": "Vulnerability summary" }, { "category": "other", "text": "This issue affects Red Hat Enterprise Linux 8 starting with the kernel that shipped with Red Hat Enterprise Linux 8.4 GA (kernel-4.18.0-305.el8). Previous Red Hat Enterprise Linux 8 kernel versions were not affected as they did not include the vulnerable functionality.\n\nRed Hat recommends to use transport level to separate and/or secure (by both encrypting and authenticating via eg. IPSec/MACSec) the communication between nodes. This limits the exposure of this issue to semi-trusted nodes.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ], "known_not_affected": [ "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-43267" }, { "category": "external", "summary": "RHBZ#2020362", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2020362" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-43267", "url": "https://www.cve.org/CVERecord?id=CVE-2021-43267" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-43267", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43267" } ], "release_date": "2021-11-02T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-19T19:24:53+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/2974891", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:4750" }, { "category": "workaround", "details": "The TIPC module will NOT be automatically loaded. When required, administrative action is needed to explicitly load this module.\n\nLoading the module can be prevented with the following instructions:\n# echo \"install tipc /bin/true\" \u003e\u003e /etc/modprobe.d/disable-tipc.conf\nThe system will need to be restarted if the tipc module is loaded. In most circumstances, the TIPC kernel module will be unable to be unloaded while any network interfaces are active and the protocol is in use.\n\nIf the system requires this module to work correctly, this mitigation may not be suitable.\nIf you need further assistance, see KCS article https://access.redhat.com/solutions/41278 or contact Red Hat Global Support Services.\n\nTo mitigate the issue on systems that do need to use TIPC and do *not* deploy the TIPC protocol level encryption but rather use different ways to ensure secure communication between nodes (eg. physical network separation, IPSec/MACsec):\n\n- BEWARE THAT THIS WILL DISABLE THE TIPC PROTOCOL LEVEL ENCRYPTION - \n\n1) On the host, save the following in a file with the \".stp\" extension:\n\n%{\n\n#include \u003clinux/skbuff.h\u003e\n\n\n#define MSG_CRYPTO 14\n#define SOCK_WAKEUP 14 /* pseudo user */\n#define TOP_SRV 15 /* pseudo user */\n\n\nstruct tipc_msg {\n __be32 hdr[15];\n};\n\nstatic inline struct tipc_msg *buf_msg(struct sk_buff *skb)\n{\n return (struct tipc_msg *)skb-\u003edata;\n}\n\nstatic inline u32 msg_word(struct tipc_msg *m, u32 pos)\n{\n return ntohl(m-\u003ehdr[pos]);\n}\n\nstatic inline void msg_set_word(struct tipc_msg *m, u32 w, u32 val)\n{\n m-\u003ehdr[w] = htonl(val);\n}\n\nstatic inline u32 msg_bits(struct tipc_msg *m, u32 w, u32 pos, u32 mask)\n{\n return (msg_word(m, w) \u003e\u003e pos) \u0026 mask;\n}\n\nstatic inline void msg_set_bits(struct tipc_msg *m, u32 w,\n u32 pos, u32 mask, u32 val)\n{\n val = (val \u0026 mask) \u003c\u003c pos;\n mask = mask \u003c\u003c pos;\n m-\u003ehdr[w] \u0026= ~htonl(mask);\n m-\u003ehdr[w] |= htonl(val);\n}\n\nstatic inline u32 msg_user(struct tipc_msg *m)\n{\n return msg_bits(m, 0, 25, 0xf);\n}\n\nstatic inline void msg_set_user(struct tipc_msg *m, u32 n)\n{\n msg_set_bits(m, 0, 25, 0xf, n);\n}\n\n%}\n\nfunction sanitize:long (skb:long) %{\n struct sk_buff *skb;\n struct tipc_msg *hdr;\n\n#if STAP_COMPAT_VERSION \u003e= STAP_VERSION(1,8)\n skb = (struct sk_buff *) (unsigned long) STAP_ARG_skb;\n#else\n skb = (struct sk_buff *) (unsigned long) THIS-\u003eskb;\n#endif\n\n hdr = buf_msg(skb);\n\n if(msg_user(hdr) == MSG_CRYPTO) {\n msg_set_user(hdr, TOP_SRV); // set to invalid in this context\n }\n\n%}\n\nprobe module(\"tipc\").function(\"tipc_data_input\").call {\n sanitize($skb);\n}\n\n\n2) Install the \"systemtap\" package and any required dependencies (such as\n kernel-devel and kernel-debuginfo packages).\n\n3) Run the \"stap -g [filename-from-step-1].stp\" command as root.\n\nIf the host is rebooted, the changes will be lost and the script must be\nrun again.\n\n\nAlternatively, build the systemtap script on a development system with\n\"stap -g -p 4 [filename-from-step-1].stp\", distribute the resulting kernel\nmodule to all affected systems, and run \"staprun -L \u003cmodule\u003e\" on those.\nWhen using this approach only systemtap-runtime package is required on the\naffected systems. Please notice that the kernel version must be the same across\nall systems.", "product_ids": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.src", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-release-virtualization-host-content-0:4.4.9-2.el8ev.x86_64", "8Base-RHV-HypervisorBuild-4:redhat-virtualization-host-image-update-placeholder-0:4.4.9-2.el8ev.noarch" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHV-Hypervisor-4:redhat-virtualization-host-0:4.4.9-202111172338_8.5.src", "8Base-RHV-Hypervisor-4:redhat-virtualization-host-image-update-0:4.4.9-202111172338_8.5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type" } ] }
rhsa-2021_3446
Vulnerability from csaf_redhat
Published
2021-09-07 16:52
Modified
2024-11-22 17:15
Summary
Red Hat Security Advisory: kernel security and bug fix update
Notes
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)
* kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)
* kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Guest kernel call trace when boot up with 4T memory and 2 vcpus (BZ#1993552)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)\n\n* kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)\n\n* kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Guest kernel call trace when boot up with 4T memory and 2 vcpus (BZ#1993552)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:3446", "url": "https://access.redhat.com/errata/RHSA-2021:3446" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "1986506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986506" }, { "category": "external", "summary": "1993988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993988" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3446.json" } ], "title": "Red Hat Security Advisory: kernel security and bug fix update", "tracking": { "current_release_date": "2024-11-22T17:15:42+00:00", "generator": { "date": "2024-11-22T17:15:42+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:3446", "initial_release_date": "2021-09-07T16:52:57+00:00", "revision_history": [ { "date": "2021-09-07T16:52:57+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-09-07T16:52:57+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T17:15:42+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:8.2::baseos" } } }, { "category": "product_name", "name": "Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product": { "name": "Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.2::crb" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "perf-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "perf-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "perf-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-aarch64@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-193.65.2.el8_2?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "product": { "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "product_id": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-193.65.2.el8_2?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "perf-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "perf-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "perf-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-193.65.2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "product": { "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "product_id": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-193.65.2.el8_2?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "perf-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "perf-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-193.65.2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "product": { "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "product_id": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-193.65.2.el8_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "bpftool-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-core@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-devel@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-modules@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-extra@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "perf-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "perf-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "perf-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-s390x@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-debuginfo@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-193.65.2.el8_2?arch=s390x" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_id": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-193.65.2.el8_2?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "kernel-0:4.18.0-193.65.2.el8_2.src", "product": { "name": "kernel-0:4.18.0-193.65.2.el8_2.src", "product_id": "kernel-0:4.18.0-193.65.2.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-193.65.2.el8_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "product": { "name": "kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "product_id": "kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.18.0-193.65.2.el8_2?arch=noarch" } } }, { "category": "product_version", "name": "kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "product": { "name": "kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "product_id": "kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-doc@4.18.0-193.65.2.el8_2?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "bpftool-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch" }, "product_reference": "kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-doc-0:4.18.0-193.65.2.el8_2.noarch as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch" }, "product_reference": "kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "perf-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "perf-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "perf-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "perf-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "bpftool-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.src as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.src", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch" }, "product_reference": "kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-doc-0:4.18.0-193.65.2.el8_2.noarch as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch" }, "product_reference": "kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "perf-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "perf-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "perf-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "perf-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64 as a component of Red Hat CodeReady Linux Builder EUS (v. 8.2)", "product_id": "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "relates_to_product_reference": "CRB-8.2.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-06-21T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974491" } ], "notes": [ { "category": "description", "text": "A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c", "title": "Vulnerability summary" }, { "category": "other", "text": "For Red Hat Enterprise Linux 7 only out of bounds memory read possible instead of write and no code that depends on this memory read, so considering the impact Moderate instead of Important. Both this has very low chances of being exploited in the wild: attacker either need to physically plug a malicious device in a USB port or attacker would have to use uhid or any other virtual USB implementation, meaning that likely already have root access be able to trigger that.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ], "known_not_affected": [ "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-0512" }, { "category": "external", "summary": "RHBZ#1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-0512", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0512" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512" }, { "category": "external", "summary": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/", "url": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-09-07T16:52:57+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2021:3446" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c" }, { "acknowledgments": [ { "names": [ "Zhenpeng Lin" ] } ], "cve": "CVE-2021-3715", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2021-08-12T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1993988" } ], "notes": [ { "category": "description", "text": "A flaw was found in the \"Routing decision\" classifier in the Linux kernel\u0027s Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in route4_change() in net/sched/cls_route.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as having Moderate impact (Red Hat Enterprise Linux 7 and lower) because of the need to have CAP_NET_ADMIN privileges and that Red Hat Enterprise Linux 7 disabled unprivileged user/network namespaces by default.\n\nThis flaw is rated as having Important impact (Red Hat Enterprise Linux 8) because Red Hat Enterprise Linux 8 enabled unprivileged user/network namespaces by default which can be used to gain CAP_NET_ADMIN privileges in corresponding user namespace even for otherwise unprivileged local user and thus exercise this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ], "known_not_affected": [ "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3715" }, { "category": "external", "summary": "RHBZ#1993988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993988" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3715", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3715" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3715", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3715" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359" } ], "release_date": "2021-09-07T08:25:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-09-07T16:52:57+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2021:3446" }, { "category": "workaround", "details": "In order to mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the kernel module cls_route.ko. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278.\n\nAlternatively, if cls_route is being used, on Red Hat Enterprise Linux 8, you can disable unprivileged user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf", "product_ids": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: use-after-free in route4_change() in net/sched/cls_route.c" }, { "cve": "CVE-2021-37576", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-06-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1986506" } ], "notes": [ { "category": "description", "text": "A flaw was found on the Linux kernel. On the PowerPC platform, the KVM guest allows the OS users to cause host OS memory corruption via rtas_args.nargs. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: powerpc: KVM guest OS users can cause host OS memory corruption", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ], "known_not_affected": [ "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37576" }, { "category": "external", "summary": "RHBZ#1986506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986506" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37576", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37576" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37576", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37576" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/07/26/1", "url": "https://www.openwall.com/lists/oss-security/2021/07/26/1" } ], "release_date": "2021-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-09-07T16:52:57+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2021:3446" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "BaseOS-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:bpftool-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.src", "CRB-8.2.0.Z.EUS:kernel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-abi-whitelists-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-cross-headers-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-core-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debug-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-s390x-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-doc-0:4.18.0-193.65.2.el8_2.noarch", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-modules-extra-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-tools-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:kernel-tools-libs-devel-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-core-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-devel-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-0:4.18.0-193.65.2.el8_2.x86_64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.aarch64", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.ppc64le", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.s390x", "CRB-8.2.0.Z.EUS:python3-perf-debuginfo-0:4.18.0-193.65.2.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: powerpc: KVM guest OS users can cause host OS memory corruption" } ] }
rhsa-2021_3443
Vulnerability from csaf_redhat
Published
2021-09-07 15:12
Modified
2024-11-22 17:15
Summary
Red Hat Security Advisory: kpatch-patch security update
Notes
Topic
An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)
* kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)
* kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.\n\nSecurity Fix(es):\n\n* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)\n\n* kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)\n\n* kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:3443", "url": "https://access.redhat.com/errata/RHSA-2021:3443" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "1986506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986506" }, { "category": "external", "summary": "1993988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993988" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3443.json" } ], "title": "Red Hat Security Advisory: kpatch-patch security update", "tracking": { "current_release_date": "2024-11-22T17:15:56+00:00", "generator": { "date": "2024-11-22T17:15:56+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:3443", "initial_release_date": "2021-09-07T15:12:56+00:00", "revision_history": [ { "date": "2021-09-07T15:12:56+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-09-07T15:12:56+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-22T17:15:56+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:rhel_eus:8.2::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_19_1@1-12.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_28_1@1-10.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_29_1@1-10.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_37_1@1-10.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_40_1@1-10.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_41_1@1-10.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_46_1@1-7.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_47_1@1-7.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_51_1@1-4.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_56_1@1-3.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_60_2@1-2.el8_2?arch=src" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "product": { "name": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "product_id": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_64_1@1-1.el8_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_19_1@1-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_19_1-debugsource@1-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_19_1-debuginfo@1-12.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_28_1@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_28_1-debugsource@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_28_1-debuginfo@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_29_1@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_29_1-debugsource@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_29_1-debuginfo@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_37_1@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_37_1-debugsource@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_37_1-debuginfo@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_40_1@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_40_1-debugsource@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_40_1-debuginfo@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_41_1@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_41_1-debugsource@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_41_1-debuginfo@1-10.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_46_1@1-7.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_46_1-debugsource@1-7.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_46_1-debuginfo@1-7.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_47_1@1-7.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_47_1-debugsource@1-7.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_47_1-debuginfo@1-7.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_51_1@1-4.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_51_1-debugsource@1-4.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_51_1-debuginfo@1-4.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_56_1@1-3.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_56_1-debugsource@1-3.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_56_1-debuginfo@1-3.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_60_2@1-2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_60_2-debugsource@1-2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_60_2-debuginfo@1-2.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_64_1@1-1.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_64_1-debugsource@1-1.el8_2?arch=ppc64le" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "product": { "name": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "product_id": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_64_1-debuginfo@1-1.el8_2?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_19_1@1-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_19_1-debugsource@1-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_19_1-debuginfo@1-12.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_28_1@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_28_1-debugsource@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_28_1-debuginfo@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_29_1@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_29_1-debugsource@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_29_1-debuginfo@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_37_1@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_37_1-debugsource@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_37_1-debuginfo@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_40_1@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_40_1-debugsource@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_40_1-debuginfo@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_41_1@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_41_1-debugsource@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_41_1-debuginfo@1-10.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_46_1@1-7.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_46_1-debugsource@1-7.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_46_1-debuginfo@1-7.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_47_1@1-7.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_47_1-debugsource@1-7.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_47_1-debuginfo@1-7.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_51_1@1-4.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_51_1-debugsource@1-4.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_51_1-debuginfo@1-4.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_56_1@1-3.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_56_1-debugsource@1-3.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_56_1-debuginfo@1-3.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_60_2@1-2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_60_2-debugsource@1-2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_60_2-debuginfo@1-2.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_64_1@1-1.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_64_1-debugsource@1-1.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "product": { "name": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "product_id": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kpatch-patch-4_18_0-193_64_1-debuginfo@1-1.el8_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src" }, "product_reference": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le" }, "product_reference": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 8.2)", "product_id": "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" }, "product_reference": "kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64", "relates_to_product_reference": "BaseOS-8.2.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974491" } ], "notes": [ { "category": "description", "text": "A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c", "title": "Vulnerability summary" }, { "category": "other", "text": "For Red Hat Enterprise Linux 7 only out of bounds memory read possible instead of write and no code that depends on this memory read, so considering the impact Moderate instead of Important. Both this has very low chances of being exploited in the wild: attacker either need to physically plug a malicious device in a USB port or attacker would have to use uhid or any other virtual USB implementation, meaning that likely already have root access be able to trigger that.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-0512" }, { "category": "external", "summary": "RHBZ#1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-0512", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0512" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512" }, { "category": "external", "summary": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/", "url": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-09-07T15:12:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3443" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c" }, { "acknowledgments": [ { "names": [ "Zhenpeng Lin" ] } ], "cve": "CVE-2021-3715", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2021-08-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1993988" } ], "notes": [ { "category": "description", "text": "A flaw was found in the \"Routing decision\" classifier in the Linux kernel\u0027s Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in route4_change() in net/sched/cls_route.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as having Moderate impact (Red Hat Enterprise Linux 7 and lower) because of the need to have CAP_NET_ADMIN privileges and that Red Hat Enterprise Linux 7 disabled unprivileged user/network namespaces by default.\n\nThis flaw is rated as having Important impact (Red Hat Enterprise Linux 8) because Red Hat Enterprise Linux 8 enabled unprivileged user/network namespaces by default which can be used to gain CAP_NET_ADMIN privileges in corresponding user namespace even for otherwise unprivileged local user and thus exercise this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3715" }, { "category": "external", "summary": "RHBZ#1993988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993988" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3715", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3715" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3715", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3715" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359" } ], "release_date": "2021-09-07T08:25:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-09-07T15:12:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3443" }, { "category": "workaround", "details": "In order to mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the kernel module cls_route.ko. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278.\n\nAlternatively, if cls_route is being used, on Red Hat Enterprise Linux 8, you can disable unprivileged user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf", "product_ids": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: use-after-free in route4_change() in net/sched/cls_route.c" }, { "cve": "CVE-2021-37576", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "discovery_date": "2021-06-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1986506" } ], "notes": [ { "category": "description", "text": "A flaw was found on the Linux kernel. On the PowerPC platform, the KVM guest allows the OS users to cause host OS memory corruption via rtas_args.nargs. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: powerpc: KVM guest OS users can cause host OS memory corruption", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-37576" }, { "category": "external", "summary": "RHBZ#1986506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1986506" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-37576", "url": "https://www.cve.org/CVERecord?id=CVE-2021-37576" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-37576", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37576" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/07/26/1", "url": "https://www.openwall.com/lists/oss-security/2021/07/26/1" } ], "release_date": "2021-07-23T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-09-07T15:12:56+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3443" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debuginfo-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_19_1-debugsource-0:1-12.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_28_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_29_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_37_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_40_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debuginfo-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_41_1-debugsource-0:1-10.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_46_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debuginfo-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_47_1-debugsource-0:1-7.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debuginfo-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_51_1-debugsource-0:1-4.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debuginfo-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_56_1-debugsource-0:1-3.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debuginfo-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_60_2-debugsource-0:1-2.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.src", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debuginfo-0:1-1.el8_2.x86_64", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.ppc64le", "BaseOS-8.2.0.Z.EUS:kpatch-patch-4_18_0-193_64_1-debugsource-0:1-1.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: powerpc: KVM guest OS users can cause host OS memory corruption" } ] }
rhsa-2021_3445
Vulnerability from csaf_redhat
Published
2021-09-07 15:17
Modified
2024-11-15 10:37
Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Notes
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)
* kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* OSLAT spikes on subset of cpus (BZ#1986064)
* Failure to enter full_nohz due to needless SCHED softirqs (BZ#1990273)
* kernel-rt: update RT source tree to the latest RHEL-8.2.z12 Batch source tree (BZ#1997761)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)\n\n* kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* OSLAT spikes on subset of cpus (BZ#1986064)\n\n* Failure to enter full_nohz due to needless SCHED softirqs (BZ#1990273)\n\n* kernel-rt: update RT source tree to the latest RHEL-8.2.z12 Batch source tree (BZ#1997761)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:3445", "url": "https://access.redhat.com/errata/RHSA-2021:3445" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "1993988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993988" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3445.json" } ], "title": "Red Hat Security Advisory: kernel-rt security and bug fix update", "tracking": { "current_release_date": "2024-11-15T10:37:17+00:00", "generator": { "date": "2024-11-15T10:37:17+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:3445", "initial_release_date": "2021-09-07T15:17:46+00:00", "revision_history": [ { "date": "2021-09-07T15:17:46+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-09-07T15:17:46+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T10:37:17+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.2::realtime" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product": { "name": "Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_eus:8.2::nfv" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "product": { "name": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "product_id": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-193.65.2.rt13.117.el8_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-core@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-core@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-devel@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-modules-extra@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-devel@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-modules-extra@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product": { "name": "kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_id": "kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-rt-kvm@4.18.0-193.65.2.rt13.117.el8_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src" }, "product_reference": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time for NFV EUS (v. 8.2)", "product_id": "NFV-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "NFV-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src" }, "product_reference": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64 as a component of Red Hat Enterprise Linux Real Time EUS (v. 8.2)", "product_id": "RT-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" }, "product_reference": "kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "relates_to_product_reference": "RT-8.2.0.Z.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-06-21T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974491" } ], "notes": [ { "category": "description", "text": "A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c", "title": "Vulnerability summary" }, { "category": "other", "text": "For Red Hat Enterprise Linux 7 only out of bounds memory read possible instead of write and no code that depends on this memory read, so considering the impact Moderate instead of Important. Both this has very low chances of being exploited in the wild: attacker either need to physically plug a malicious device in a USB port or attacker would have to use uhid or any other virtual USB implementation, meaning that likely already have root access be able to trigger that.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-0512" }, { "category": "external", "summary": "RHBZ#1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-0512", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0512" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512" }, { "category": "external", "summary": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/", "url": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-09-07T15:17:46+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3445" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c" }, { "acknowledgments": [ { "names": [ "Zhenpeng Lin" ] } ], "cve": "CVE-2021-3715", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2021-08-12T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1993988" } ], "notes": [ { "category": "description", "text": "A flaw was found in the \"Routing decision\" classifier in the Linux kernel\u0027s Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in route4_change() in net/sched/cls_route.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw is rated as having Moderate impact (Red Hat Enterprise Linux 7 and lower) because of the need to have CAP_NET_ADMIN privileges and that Red Hat Enterprise Linux 7 disabled unprivileged user/network namespaces by default.\n\nThis flaw is rated as having Important impact (Red Hat Enterprise Linux 8) because Red Hat Enterprise Linux 8 enabled unprivileged user/network namespaces by default which can be used to gain CAP_NET_ADMIN privileges in corresponding user namespace even for otherwise unprivileged local user and thus exercise this vulnerability.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3715" }, { "category": "external", "summary": "RHBZ#1993988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993988" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3715", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3715" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3715", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3715" }, { "category": "external", "summary": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ef299cc3fa1a9e1288665a9fdc8bff55629fd359" } ], "release_date": "2021-09-07T08:25:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-09-07T15:17:46+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:3445" }, { "category": "workaround", "details": "In order to mitigate this issue, it is possible to prevent the affected code from being loaded by blacklisting the kernel module cls_route.ko. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278.\n\nAlternatively, if cls_route is being used, on Red Hat Enterprise Linux 8, you can disable unprivileged user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf", "product_ids": [ "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "NFV-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "NFV-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.src", "RT-8.2.0.Z.EUS:kernel-rt-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-core-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debug-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-debuginfo-common-x86_64-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-devel-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-kvm-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64", "RT-8.2.0.Z.EUS:kernel-rt-modules-extra-0:4.18.0-193.65.2.rt13.117.el8_2.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: use-after-free in route4_change() in net/sched/cls_route.c" } ] }
rhsa-2021_4056
Vulnerability from csaf_redhat
Published
2021-11-02 09:09
Modified
2024-11-15 10:40
Summary
Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Notes
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)
* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)
* kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* [HPE 8.3 bug] No EDAC MC0 message with one-DIMM two-processor configuration under RHEL8.3 (BZ#1982182)
* mlx: devlink port function shows all zero hw_addr (BZ#1986837)
* net/sched: act_mirred: allow saving the last chain processed on xmit path (BZ#1992230)
* RHEL8.3 - System hang and / or r/o fs during SVC/v5k/v7k maintenance with ibmvfc (BZ#1993892)
* RHEL8.1 Snapshot3 - PVT:940:virt:4TB:LPM operation failed by returning HSCLA2CF, HSCL365C SRC's - Linux partition suspend timeout (-> documentation/Linux Alert through LTC bug 182549) (BZ#1993952)
* RHEL8.4 - benchTableRepDMLAsyncBarrier regresses by 34% on RHEL8.4 on POWER9 compared to RHEL8.2 (performance) (BZ#1997431)
* [panic] call trace: ice_probe+0x238/0x10f0 [ice] (BZ#1997539)
* [ice, PTP] ice: fix GPIO 1PPS signal (BZ#1997572)
* Fix locality handling in the tpm_tis driver (BZ#1998219)
* [ice, PTP]: fix Tx queue iteration for Tx timestamp enablement (BZ#2000128)
* PCI passthrough with NVidia GPU "Invalid device 0003:01:00.0 iommu_group file /sys/bus/pci/devices/0003:01:00.0/iommu_group is not a symlink" (BZ#2000602)
* [DELL 8.4 BUG] - System Hangs at Dell Logo When Boot to OS(e1000e with wrong GbE checksum) (BZ#2002335)
* RHEL8.4 - kernel: Fix hanging ioctl caused by wrong msg counter (BZ#2002635)
* kernel: get_timespec64 does not ignore padding in compat syscalls (BZ#2003569)
* [mlx5] eth0: hw csum failure (BZ#2005980)
* xlog_grant_head_wait() does not return and system hangs (BZ#2007413)
* panic while breaking a lease/delegation after user mode helper invocation (BZ#2010331)
* Lockd invalid cast to nlm_lockowner (BZ#2010820)
* [xfstests generic/388] XFS: Assertion failed: 0, file: fs/xfs/xfs_mount.c, line: 1218 (BZ#2011919)
Enhancement(s):
* [Intel 8.5 FEAT] ice: Enable PTP Support (BZ#1998220)
* [Intel 8.5 FEAT] ice: Enable GPIO/SDP Support (BZ#1998221)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for kernel is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385)\n\n* kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c (CVE-2021-0512)\n\n* kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [HPE 8.3 bug] No EDAC MC0 message with one-DIMM two-processor configuration under RHEL8.3 (BZ#1982182)\n\n* mlx: devlink port function shows all zero hw_addr (BZ#1986837)\n\n* net/sched: act_mirred: allow saving the last chain processed on xmit path (BZ#1992230)\n\n* RHEL8.3 - System hang and / or r/o fs during SVC/v5k/v7k maintenance with ibmvfc (BZ#1993892)\n\n* RHEL8.1 Snapshot3 - PVT:940:virt:4TB:LPM operation failed by returning HSCLA2CF, HSCL365C SRC\u0027s - Linux partition suspend timeout (-\u003e documentation/Linux Alert through LTC bug 182549) (BZ#1993952)\n\n* RHEL8.4 - benchTableRepDMLAsyncBarrier regresses by 34% on RHEL8.4 on POWER9 compared to RHEL8.2 (performance) (BZ#1997431)\n\n* [panic] call trace: ice_probe+0x238/0x10f0 [ice] (BZ#1997539)\n\n* [ice, PTP] ice: fix GPIO 1PPS signal (BZ#1997572)\n\n* Fix locality handling in the tpm_tis driver (BZ#1998219)\n\n* [ice, PTP]: fix Tx queue iteration for Tx timestamp enablement (BZ#2000128)\n\n* PCI passthrough with NVidia GPU \"Invalid device 0003:01:00.0 iommu_group file /sys/bus/pci/devices/0003:01:00.0/iommu_group is not a symlink\" (BZ#2000602)\n\n* [DELL 8.4 BUG] - System Hangs at Dell Logo When Boot to OS(e1000e with wrong GbE checksum) (BZ#2002335)\n\n* RHEL8.4 - kernel: Fix hanging ioctl caused by wrong msg counter (BZ#2002635)\n\n* kernel: get_timespec64 does not ignore padding in compat syscalls (BZ#2003569)\n\n* [mlx5] eth0: hw csum failure (BZ#2005980)\n\n* xlog_grant_head_wait() does not return and system hangs (BZ#2007413)\n\n* panic while breaking a lease/delegation after user mode helper invocation (BZ#2010331)\n\n* Lockd invalid cast to nlm_lockowner (BZ#2010820)\n\n* [xfstests generic/388] XFS: Assertion failed: 0, file: fs/xfs/xfs_mount.c, line: 1218 (BZ#2011919)\n\nEnhancement(s):\n\n* [Intel 8.5 FEAT] ice: Enable PTP Support (BZ#1998220)\n\n* [Intel 8.5 FEAT] ice: Enable GPIO/SDP Support (BZ#1998221)", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:4056", "url": "https://access.redhat.com/errata/RHSA-2021:4056" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1974319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974319" }, { "category": "external", "summary": "1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "1983988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983988" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4056.json" } ], "title": "Red Hat Security Advisory: kernel security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-15T10:40:20+00:00", "generator": { "date": "2024-11-15T10:40:20+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:4056", "initial_release_date": "2021-11-02T09:09:27+00:00", "revision_history": [ { "date": "2021-11-02T09:09:27+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-11-02T09:09:27+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T10:40:20+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat CodeReady Linux Builder (v. 8)", "product": { "name": "Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::crb" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "perf-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "perf-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "perf-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-aarch64@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.25.1.el8_4?arch=aarch64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "product": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "product_id": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-305.25.1.el8_4?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "perf-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "perf-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "perf-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.25.1.el8_4?arch=ppc64le" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "product": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "product_id": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-305.25.1.el8_4?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "perf-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "perf-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "perf-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.25.1.el8_4?arch=x86_64" } } }, { "category": "product_version", "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "product": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "product_id": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-305.25.1.el8_4?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "bpftool-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "bpftool-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-core@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-cross-headers@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-devel@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-headers@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-core@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-devel@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-modules@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-extra@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "perf-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "perf-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "perf-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-debuginfo-common-s390x@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-zfcpdump-debuginfo@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-305.25.1.el8_4?arch=s390x" } } }, { "category": "product_version", "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_id": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-305.25.1.el8_4?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "kernel-0:4.18.0-305.25.1.el8_4.src", "product": { "name": "kernel-0:4.18.0-305.25.1.el8_4.src", "product_id": "kernel-0:4.18.0-305.25.1.el8_4.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel@4.18.0-305.25.1.el8_4?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "product": { "name": "kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "product_id": "kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-abi-stablelists@4.18.0-305.25.1.el8_4?arch=noarch" } } }, { "category": "product_version", "name": "kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "product": { "name": "kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "product_id": "kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/kernel-doc@4.18.0-305.25.1.el8_4?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.src", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch" }, "product_reference": "kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-doc-0:4.18.0-305.25.1.el8_4.noarch as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch" }, "product_reference": "kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "perf-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "perf-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "perf-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "perf-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.src as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.src", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch" }, "product_reference": "kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-core-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-doc-0:4.18.0-305.25.1.el8_4.noarch as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch" }, "product_reference": "kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "perf-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "perf-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "perf-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "perf-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" }, { "category": "default_component_of", "full_product_name": { "name": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)", "product_id": "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" }, "product_reference": "python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "relates_to_product_reference": "CRB-8.4.0.Z.MAIN.EUS" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-36385", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "discovery_date": "2021-06-16T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974319" } ], "notes": [ { "category": "description", "text": "An issue was discovered in the Linux kernels Userspace Connection Manager Access for RDMA. This could allow a local attacker to crash the system, corrupt memory or escalate privileges.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ], "known_not_affected": [ "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-36385" }, { "category": "external", "summary": "RHBZ#1974319", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974319" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-36385", "url": "https://www.cve.org/CVERecord?id=CVE-2020-36385" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36385", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36385" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-02T09:09:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2021:4056" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options does not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free" }, { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "discovery_date": "2021-06-21T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1974491" } ], "notes": [ { "category": "description", "text": "A flaw out of bounds memory write in the Linux kernel HID subsystem was found in the way user attach USB or other HID device that generates incorrect data inside HID report field. A local user could use this flaw to crash the system or possibly escalate their privileges on the system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c", "title": "Vulnerability summary" }, { "category": "other", "text": "For Red Hat Enterprise Linux 7 only out of bounds memory read possible instead of write and no code that depends on this memory read, so considering the impact Moderate instead of Important. Both this has very low chances of being exploited in the wild: attacker either need to physically plug a malicious device in a USB port or attacker would have to use uhid or any other virtual USB implementation, meaning that likely already have root access be able to trigger that.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ], "known_not_affected": [ "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-0512" }, { "category": "external", "summary": "RHBZ#1974491", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974491" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-0512", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0512" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0512" }, { "category": "external", "summary": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/", "url": "https://lore.kernel.org/lkml/20210301161013.666159680@linuxfoundation.org/" } ], "release_date": "2021-06-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-02T09:09:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2021:4056" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "kernel: out-of-bounds write due to a heap buffer overflow in __hidinput_change_resolution_multipliers() of hid-input.c" }, { "acknowledgments": [ { "names": [ "Maxim Levitsky", "Paolo Bonzini" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2021-3656", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "discovery_date": "2021-07-15T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1983988" } ], "notes": [ { "category": "description", "text": "A flaw was found in the KVM\u0027s AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the \"virt_ext\" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.", "title": "Vulnerability description" }, { "category": "summary", "text": "kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)", "title": "Vulnerability summary" }, { "category": "other", "text": "The nested virtualization feature is not enabled by default up to Red Hat Enterprise Linux 8.4. Most importantly, Red Hat currently provides nested virtualization only as a Technology Preview, and is therefore unsupported for production use. For additional details please see https://access.redhat.com/solutions/21101 and https://access.redhat.com/support/offerings/techpreview.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ], "known_not_affected": [ "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3656" }, { "category": "external", "summary": "RHBZ#1983988", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1983988" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3656", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3656" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3656", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3656" }, { "category": "external", "summary": "https://www.openwall.com/lists/oss-security/2021/08/16/1", "url": "https://www.openwall.com/lists/oss-security/2021/08/16/1" } ], "release_date": "2021-08-16T12:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-11-02T09:09:27+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ], "restart_required": { "category": "machine" }, "url": "https://access.redhat.com/errata/RHSA-2021:4056" }, { "category": "workaround", "details": "This vulnerability can be mitigated by disabling the nested virtualization feature:\n```\n# modprobe -r kvm_amd\n# modprobe kvm_amd nested=0\n```\n\nDisabling VLS (Virtual VMLOAD/VMSAVE) is an alternative mitigation:\n```\n# modprobe kvm_amd vls=0\n```", "product_ids": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "products": [ "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "BaseOS-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:bpftool-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.src", "CRB-8.4.0.Z.MAIN.EUS:kernel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-abi-stablelists-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-cross-headers-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-core-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debug-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-aarch64-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-ppc64le-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-s390x-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-debuginfo-common-x86_64-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-doc-0:4.18.0-305.25.1.el8_4.noarch", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-modules-extra-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:kernel-tools-libs-devel-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-core-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-devel-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:kernel-zfcpdump-modules-extra-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-0:4.18.0-305.25.1.el8_4.x86_64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.aarch64", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.ppc64le", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.s390x", "CRB-8.4.0.Z.MAIN.EUS:python3-perf-debuginfo-0:4.18.0-305.25.1.el8_4.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)" } ] }
ICSA-24-074-07
Vulnerability from csaf_cisa
Published
2024-03-14 06:00
Modified
2024-03-14 06:00
Summary
Siemens SIMATIC
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code within the context of a privileged process.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
Do not click web links or open attachments in unsolicited email messages.
Recommended Practices
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Recommended Practices
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Recommended Practices
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
{ "document": { "acknowledgments": [ { "organization": "Siemens", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code within the context of a privileged process.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", "title": "Recommended Practices" }, { "category": "general", "text": "Do not click web links or open attachments in unsolicited email messages.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-24-074-07 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-074-07.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-24-074-07 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Siemens SIMATIC", "tracking": { "current_release_date": "2024-03-14T06:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-24-074-07", "initial_release_date": "2024-03-14T06:00:00.000000Z", "revision_history": [ { "date": "2024-03-14T06:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003cV2.2", "product": { "name": "Siemens SIMATIC RF160B (6GT2003-0FA00): \u003cV2.2", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "SIMATIC RF160B (6GT2003-0FA00)" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-14491", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "An attacker could cause a crash or potentially execute arbitrary code by sending specially crafted DNS responses to the DNSmasq process. In order to exploit this vulnerability, an attacker must be able to trigger DNS requests from the device, and must be in a privileged position to inject malicious DNS responses.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14491" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2017-18509", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18509" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-0338", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-9 Android ID: A-123700107", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-0338" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-0417", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-8.1, Android-9 Android ID: A-154319182", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-0417" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-10768", "cwe": { "id": "CWE-440", "name": "Expected Behavior Violation" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being \u0027force disabled\u0027 when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10768" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-11301", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11301" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-14305", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An out-of-bounds memory write flaw was found in how the Linux kernel\u0027s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14305" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-14381", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u0027s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14381" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-15436", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15436" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-24587", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24587" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 2.6, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-25705", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "notes": [ { "category": "summary", "text": "A flaw in ICMP packets in the Linux kernel was found to allow to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25705" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-26555", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26555" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-26558", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26558" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-29660", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-29660" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-29661", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-29661" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0302", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1 Android-9 Android-10Android ID: A-155287782", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0302" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0305", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10 Android ID: A-154015447", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0305" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0325", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-174238784", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0325" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0326", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In p2p_copy_client_info of p2p.c, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-172937525", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0326" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0327", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "summary", "text": "In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-172935267", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0327" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0328", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-172670415", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0328" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0329", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In several native functions called by AdvertiseManager.java, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-171400004", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0329" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0330", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-170732441", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0330" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0331", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-170731783", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0331" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0333", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-168504491", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0333" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0334", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-163358811", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0334" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0336", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-158219161", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0336" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0337", "cwe": { "id": "CWE-312", "name": "Cleartext Storage of Sensitive Information" }, "notes": [ { "category": "summary", "text": "In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-157474195", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0337" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0339", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-8.1, Android-9 Android ID: A-145728687", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0339" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0341", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-171980069", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0341" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0390", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174749461", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0390" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0391", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-172841550", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0391" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0392", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-175124730", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0392" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0393", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-168041375", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0393" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0394", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-172655291", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0394" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0396", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-160610106", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0396" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0397", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174052148", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0397" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0399", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-176919394References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0399" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0400", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-177561690", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0400" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0429", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-175074139", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0429" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0431", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174149901", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0431" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0433", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege and pairing malicious devices with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-171221090", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0433" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0434", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In onReceive of BluetoothPermissionRequest.java, a phishing attack is possible allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-167403112", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0434" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0435", "cwe": { "id": "CWE-665", "name": "Improper Initialization" }, "notes": [ { "category": "summary", "text": "In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174150451", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0435" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0436", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out-of-bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176496160", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0436" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0437", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-176168330", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0437" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0438", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10 Android ID: A-152064592", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0438" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0443", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. This could lead to local information disclosure across user profiles with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-170474245", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0443" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0444", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-178825358", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0444" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0471", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out-of-bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444786", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0471" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0473", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "summary", "text": "In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179687208", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0473" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0474", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-177611958", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0474" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0476", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-169252501", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0476" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0478", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-169255797", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0478" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0480", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-174493336", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0480" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0481", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-172939189", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0481" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0484", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-173720767", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0484" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0506", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-181962311", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0506" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0507", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181860042", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0507" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0508", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176444154", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0508" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0509", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444161", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0509" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0510", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444622", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0510" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0511", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-178055795", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0511" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-173843328References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0512" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0513", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-156090809", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0513" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0514", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-9, Android-11, Android-8.1 Android ID: A-162604069", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0514" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0515", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-167389063", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0515" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0516", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out-of-bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181660448", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0516" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0519", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-176533109", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0519" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0520", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-10 Android ID: A-176237595", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0520" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0521", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of cross-user permissions with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174661955", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0521" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0522", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out-of-bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-174182139", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0522" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0584", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In verifyBufferObject of Parcel.cpp, there is a possible out-of-bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-179289794", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0584" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0585", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In beginWrite and beginRead of MessageQueueBase.h, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-184963385", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0585" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0586", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-182584940", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0586" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0587", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In StreamOut::prepareForWriting of StreamOut.cpp, there is a possible out-of-bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185259758", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0587" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0588", "cwe": { "id": "CWE-668", "name": "Exposure of Resource to Wrong Sphere" }, "notes": [ { "category": "summary", "text": "In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9 Android ID: A-177238342", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0588" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0589", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-180939982", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0589" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0591", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179386960", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0591" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0593", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a privileged broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-179386068", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0593" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0594", "cwe": { "id": "CWE-74", "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)" }, "notes": [ { "category": "summary", "text": "In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-176445224", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0594" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0596", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181346550", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0596" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0597", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176496502", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0597" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0598", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-180422108", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0598" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0599", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a sensitive identifier via broadcasted intent due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-175614289", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0599" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0600", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-179042963", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0600" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0601", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In encodeFrames of avc_enc_fuzzer.cpp, there is a possible out-of-bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-180643802", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0601" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0604", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179910660", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0604" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0640", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In noteAtomLogged of StatsdStats.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-187957589", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0640" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0641", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185235454", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0641" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0642", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-185126149", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0642" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0646", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In sqlite3_str_vappendf of sqlite3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process\u0027s SQL with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-153352319", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0646" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0650", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-190286685", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0650" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0651", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In loadLabel of PackageItemInfo.java, there is a possible way to cause a denial of service in a device by having a long label in an app due to incorrect input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-67013844", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0651" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0652", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing objects that are not thread-safe. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185178568", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0652" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0653", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-177931370", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0653" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0682", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-159624555", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0682" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0683", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In runTraceIpcStop of ActivityManagerShellCommand.java, deletion of system files is possible due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-185398942", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0683" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0684", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out-of-bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-179839665", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0684" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0687", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "notes": [ { "category": "summary", "text": "In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-188913943", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0687" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0688", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-161149543", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0688" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0689", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-190188264", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0689" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0690", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out-of-bounds write due to heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-182152757", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0690" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0692", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-179289753", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0692" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0695", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In get_sock_stat of xt_qtaguid.c, there is a possible out-of-bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-184018316References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0695" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0704", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "notes": [ { "category": "summary", "text": "In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-179338675", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0704" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0706", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In startListening of PluginManagerImpl.java, there is a possible way to disable arbitrary app components due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android Versions: Android-10 Android-11Android ID: A-193444889", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0706" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0708", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In runDumpHeap of ActivityManagerShellCommand.java, deletion of system files is possible due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-183262161", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0708" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0870", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In RW_SetActivatedTagType of rw_main.cc, memory corruption is possible due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-192472262", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0870" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0919", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-197336441", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0919" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0920", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196926917References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0920" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0926", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-191053931", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0926" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0928", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-188675581", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0928" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0929", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-187527909 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0929" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0930", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-181660091", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0930" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0931", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-180747689", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0931" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0933", "cwe": { "id": "CWE-116", "name": "Improper Encoding or Escaping of Output" }, "notes": [ { "category": "summary", "text": "In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the user into accepting pairing of a malicious Bluetooth device, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-172251622", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0933" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0952", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user\u0027s contacts with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-195748381", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0952" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0953", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "notes": [ { "category": "summary", "text": "In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-184046278", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0953" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0961", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196046570References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0961" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0963", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-199754277", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0963" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0964", "cwe": { "id": "CWE-681", "name": "Incorrect Conversion between Numeric Types" }, "notes": [ { "category": "summary", "text": "In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-193363621", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0964" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0965", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194300867", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0965" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0967", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In vorbis_book_decodev_set of codebook.c, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-199065614", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0967" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0968", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In osi_malloc and osi_calloc of allocator.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-197868577", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0968" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0970", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-196970023", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0970" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-1972", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "notes": [ { "category": "summary", "text": "Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-1972" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-1976", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-1976" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-29647", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29647" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-33909", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an out-of-bounds write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33909" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-38204", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-38204" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39621", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-185126319", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39621" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39623", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In doRead of SimpleDecodingSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194105348", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39623" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39626", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194695497", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39626" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39627", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-185126549", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39627" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39629", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-197353344", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39629" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39633", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-150694665 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39633" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39634", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-204450605References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39634" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20127", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-221862119", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20127" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20130", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-224314979", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20130" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20227", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In USB driver, there is a possible out-of-bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-216825460 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20227" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20229", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-224536184", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20229" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20355", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-219498290", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20355" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20411", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avdt_msg_asmbl of avdt_msg.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-232023771", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20411" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20421", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-239630375 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20421" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20422", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-237540956 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20422" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20423", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In rndis_set_response of rndis.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-239842288 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20423" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20462", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-230356196", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20462" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20466", "cwe": { "id": "CWE-1188", "name": "Initialization of a Resource with an Insecure Default" }, "notes": [ { "category": "summary", "text": "In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user\u0027s password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-179725730", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20466" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20468", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In BNEP_ConnectResp of bnep_api.cc, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-228450451", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20468" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20469", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-230867224", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20469" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20472", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-239210579", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20472" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20473", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-239267173", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20473" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20476", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "summary", "text": "In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-240936919", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20476" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20483", "cwe": { "id": "CWE-191", "name": "Integer Underflow (Wrap or Wraparound)" }, "notes": [ { "category": "summary", "text": "In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out-of-bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-242459126", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20483" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20498", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In fdt_path_offset_namelen of fdt_ro.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-246465319", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20498" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20500", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-246540168", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20500" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] } ] }
icsa-24-074-07
Vulnerability from csaf_cisa
Published
2024-03-14 06:00
Modified
2024-03-14 06:00
Summary
Siemens SIMATIC
Notes
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code within the context of a privileged process.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
Do not click web links or open attachments in unsolicited email messages.
Recommended Practices
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Recommended Practices
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Recommended Practices
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
{ "document": { "acknowledgments": [ { "organization": "Siemens", "summary": "reporting these vulnerabilities to CISA" } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en-US", "notes": [ { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "summary", "text": "Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code within the context of a privileged process.", "title": "Risk evaluation" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.", "title": "Recommended Practices" }, { "category": "general", "text": "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", "title": "Recommended Practices" }, { "category": "general", "text": "Do not click web links or open attachments in unsolicited email messages.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", "title": "Recommended Practices" }, { "category": "general", "text": "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", "title": "Recommended Practices" }, { "category": "general", "text": "No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.", "title": "Recommended Practices" } ], "publisher": { "category": "coordinator", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "ICS Advisory ICSA-24-074-07 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2024/icsa-24-074-07.json" }, { "category": "self", "summary": "ICSA Advisory ICSA-24-074-07 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-074-07" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ncas/tips/ST04-014" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Siemens SIMATIC", "tracking": { "current_release_date": "2024-03-14T06:00:00.000000Z", "generator": { "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-24-074-07", "initial_release_date": "2024-03-14T06:00:00.000000Z", "revision_history": [ { "date": "2024-03-14T06:00:00.000000Z", "legacy_version": "Initial", "number": "1", "summary": "Initial Publication" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003cV2.2", "product": { "name": "Siemens SIMATIC RF160B (6GT2003-0FA00): \u003cV2.2", "product_id": "CSAFPID-0001" } } ], "category": "product_name", "name": "SIMATIC RF160B (6GT2003-0FA00)" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-14491", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "An attacker could cause a crash or potentially execute arbitrary code by sending specially crafted DNS responses to the DNSmasq process. In order to exploit this vulnerability, an attacker must be able to trigger DNS requests from the device, and must be in a privileged position to inject malicious DNS responses.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2017-14491" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2017-18509", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2017-18509" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-0338", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-9 Android ID: A-123700107", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-0338" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-0417", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-8.1, Android-9 Android ID: A-154319182", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-0417" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-10768", "cwe": { "id": "CWE-440", "name": "Expected Behavior Violation" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being \u0027force disabled\u0027 when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10768" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-11301", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11301" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-14305", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An out-of-bounds memory write flaw was found in how the Linux kernel\u0027s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14305" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-14381", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u0027s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14381" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-15436", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15436" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-24587", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-24587" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 2.6, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-25705", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "notes": [ { "category": "summary", "text": "A flaw in ICMP packets in the Linux kernel was found to allow to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25705" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-26555", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26555" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-26558", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26558" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-29660", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-29660" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2020-29661", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2020-29661" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0302", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1 Android-9 Android-10Android ID: A-155287782", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0302" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0305", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10 Android ID: A-154015447", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0305" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0325", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-174238784", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0325" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0326", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In p2p_copy_client_info of p2p.c, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-172937525", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0326" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0327", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "summary", "text": "In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-172935267", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0327" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0328", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-172670415", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0328" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0329", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In several native functions called by AdvertiseManager.java, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-171400004", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0329" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0330", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-170732441", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0330" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0331", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-170731783", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0331" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0333", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-168504491", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0333" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0334", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-163358811", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0334" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0336", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-158219161", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0336" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0337", "cwe": { "id": "CWE-312", "name": "Cleartext Storage of Sensitive Information" }, "notes": [ { "category": "summary", "text": "In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-157474195", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0337" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0339", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-8.1, Android-9 Android ID: A-145728687", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0339" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0341", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-171980069", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0341" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0390", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174749461", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0390" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0391", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-172841550", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0391" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0392", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-175124730", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0392" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0393", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-168041375", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0393" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0394", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-172655291", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0394" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0396", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-160610106", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0396" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0397", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174052148", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0397" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0399", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-176919394References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0399" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0400", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-177561690", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0400" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0429", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-175074139", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0429" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0431", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174149901", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0431" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0433", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege and pairing malicious devices with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-171221090", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0433" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0434", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In onReceive of BluetoothPermissionRequest.java, a phishing attack is possible allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-167403112", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0434" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0435", "cwe": { "id": "CWE-665", "name": "Improper Initialization" }, "notes": [ { "category": "summary", "text": "In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174150451", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0435" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0436", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out-of-bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176496160", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0436" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0437", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-176168330", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0437" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0438", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10 Android ID: A-152064592", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0438" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0443", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. This could lead to local information disclosure across user profiles with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-170474245", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0443" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0444", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-178825358", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0444" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0471", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out-of-bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444786", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0471" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0473", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "summary", "text": "In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179687208", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0473" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0474", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-177611958", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0474" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0476", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-169252501", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0476" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0478", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-169255797", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0478" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0480", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-174493336", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0480" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0481", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-172939189", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0481" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0484", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-173720767", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0484" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0506", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-181962311", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0506" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0507", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181860042", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0507" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0508", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176444154", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0508" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0509", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444161", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0509" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0510", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444622", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0510" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0511", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-178055795", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0511" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-173843328References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0512" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0513", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-156090809", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0513" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0514", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-9, Android-11, Android-8.1 Android ID: A-162604069", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0514" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0515", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-167389063", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0515" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0516", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out-of-bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181660448", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0516" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0519", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-176533109", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0519" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0520", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-10 Android ID: A-176237595", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0520" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0521", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of cross-user permissions with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174661955", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0521" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0522", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out-of-bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-174182139", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0522" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0584", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In verifyBufferObject of Parcel.cpp, there is a possible out-of-bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-179289794", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0584" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0585", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In beginWrite and beginRead of MessageQueueBase.h, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-184963385", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0585" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0586", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-182584940", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0586" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0587", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In StreamOut::prepareForWriting of StreamOut.cpp, there is a possible out-of-bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185259758", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0587" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0588", "cwe": { "id": "CWE-668", "name": "Exposure of Resource to Wrong Sphere" }, "notes": [ { "category": "summary", "text": "In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9 Android ID: A-177238342", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0588" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0589", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-180939982", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0589" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0591", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179386960", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0591" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0593", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a privileged broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-179386068", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0593" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0594", "cwe": { "id": "CWE-74", "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)" }, "notes": [ { "category": "summary", "text": "In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-176445224", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0594" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0596", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181346550", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0596" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0597", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176496502", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0597" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0598", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-180422108", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0598" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0599", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a sensitive identifier via broadcasted intent due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-175614289", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0599" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0600", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-179042963", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0600" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0601", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In encodeFrames of avc_enc_fuzzer.cpp, there is a possible out-of-bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-180643802", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0601" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0604", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179910660", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0604" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0640", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In noteAtomLogged of StatsdStats.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-187957589", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0640" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0641", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185235454", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0641" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0642", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-185126149", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0642" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0646", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In sqlite3_str_vappendf of sqlite3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process\u0027s SQL with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-153352319", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0646" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0650", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-190286685", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0650" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0651", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In loadLabel of PackageItemInfo.java, there is a possible way to cause a denial of service in a device by having a long label in an app due to incorrect input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-67013844", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0651" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0652", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing objects that are not thread-safe. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185178568", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0652" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0653", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-177931370", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0653" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0682", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-159624555", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0682" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0683", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In runTraceIpcStop of ActivityManagerShellCommand.java, deletion of system files is possible due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-185398942", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0683" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0684", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out-of-bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-179839665", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0684" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0687", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "notes": [ { "category": "summary", "text": "In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-188913943", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0687" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0688", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-161149543", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0688" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0689", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-190188264", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0689" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0690", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out-of-bounds write due to heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-182152757", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0690" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0692", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-179289753", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0692" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0695", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In get_sock_stat of xt_qtaguid.c, there is a possible out-of-bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-184018316References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0695" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0704", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "notes": [ { "category": "summary", "text": "In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-179338675", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0704" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0706", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In startListening of PluginManagerImpl.java, there is a possible way to disable arbitrary app components due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android Versions: Android-10 Android-11Android ID: A-193444889", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0706" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0708", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In runDumpHeap of ActivityManagerShellCommand.java, deletion of system files is possible due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-183262161", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0708" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0870", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In RW_SetActivatedTagType of rw_main.cc, memory corruption is possible due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-192472262", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0870" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0919", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-197336441", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0919" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0920", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196926917References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0920" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0926", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-191053931", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0926" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0928", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-188675581", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0928" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0929", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-187527909 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0929" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0930", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-181660091", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0930" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0931", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-180747689", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0931" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0933", "cwe": { "id": "CWE-116", "name": "Improper Encoding or Escaping of Output" }, "notes": [ { "category": "summary", "text": "In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the user into accepting pairing of a malicious Bluetooth device, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-172251622", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0933" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0952", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user\u0027s contacts with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-195748381", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0952" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0953", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "notes": [ { "category": "summary", "text": "In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-184046278", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0953" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0961", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196046570References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0961" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0963", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-199754277", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0963" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0964", "cwe": { "id": "CWE-681", "name": "Incorrect Conversion between Numeric Types" }, "notes": [ { "category": "summary", "text": "In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-193363621", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0964" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0965", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194300867", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0965" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0967", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In vorbis_book_decodev_set of codebook.c, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-199065614", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0967" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0968", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In osi_malloc and osi_calloc of allocator.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-197868577", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0968" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-0970", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-196970023", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-0970" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-1972", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "notes": [ { "category": "summary", "text": "Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-1972" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-1976", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-1976" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-29647", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-29647" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-33909", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an out-of-bounds write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-33909" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-38204", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-38204" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39621", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-185126319", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39621" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39623", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In doRead of SimpleDecodingSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194105348", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39623" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39626", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194695497", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39626" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39627", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-185126549", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39627" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39629", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-197353344", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39629" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39633", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-150694665 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39633" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2021-39634", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-204450605References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2021-39634" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20127", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-221862119", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20127" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20130", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-224314979", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20130" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20227", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In USB driver, there is a possible out-of-bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-216825460 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20227" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20229", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-224536184", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20229" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20355", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-219498290", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20355" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20411", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avdt_msg_asmbl of avdt_msg.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-232023771", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20411" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20421", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-239630375 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20421" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20422", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-237540956 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20422" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20423", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In rndis_set_response of rndis.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-239842288 References: Upstream kernel", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20423" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20462", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-230356196", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20462" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20466", "cwe": { "id": "CWE-1188", "name": "Initialization of a Resource with an Insecure Default" }, "notes": [ { "category": "summary", "text": "In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user\u0027s password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-179725730", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20466" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20468", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In BNEP_ConnectResp of bnep_api.cc, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-228450451", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20468" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20469", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-230867224", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20469" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20472", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-239210579", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20472" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20473", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-239267173", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20473" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20476", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "summary", "text": "In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-240936919", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20476" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20483", "cwe": { "id": "CWE-191", "name": "Integer Underflow (Wrap or Wraparound)" }, "notes": [ { "category": "summary", "text": "In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out-of-bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-242459126", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20483" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20498", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In fdt_path_offset_namelen of fdt_ro.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-246465319", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20498" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] }, { "cve": "CVE-2022-20500", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-246540168", "title": "Vulnerability Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001" ] }, "references": [ { "category": "external", "summary": "www.cve.org", "url": "https://www.cve.org/CVERecord?id=CVE-2022-20500" }, { "category": "external", "summary": "www.first.org", "url": "https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "remediations": [ { "category": "mitigation", "details": "Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends to update to the latest version.", "product_ids": [ "CSAFPID-0001" ] }, { "category": "mitigation", "details": "As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens\u0027 operational guidelines for industrial security and following recommendations in the product manuals.", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/cert/operational-guidelines-industrial-security" }, { "category": "mitigation", "details": "Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage", "product_ids": [ "CSAFPID-0001" ], "url": "https://www.siemens.com/industrialsecurity" }, { "category": "mitigation", "details": "For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.", "product_ids": [ "CSAFPID-0001" ], "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001" ] } ] } ] }
gsd-2021-0512
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel
Aliases
Aliases
{ "GSD": { "alias": "CVE-2021-0512", "description": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel", "id": "GSD-2021-0512", "references": [ "https://www.suse.com/security/cve/CVE-2021-0512.html", "https://access.redhat.com/errata/RHSA-2021:4750", "https://access.redhat.com/errata/RHSA-2021:4122", "https://access.redhat.com/errata/RHSA-2021:4088", "https://access.redhat.com/errata/RHSA-2021:4056", "https://access.redhat.com/errata/RHSA-2021:3446", "https://access.redhat.com/errata/RHSA-2021:3445", "https://access.redhat.com/errata/RHSA-2021:3443", "https://linux.oracle.com/cve/CVE-2021-0512.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2021-0512" ], "details": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel", "id": "GSD-2021-0512", "modified": "2023-12-13T01:23:06.998471Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2021-0512", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android", "version": { "version_data": [ { "version_value": "Android kernel" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Elevation of privilege" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2021-06-01", "refsource": "MISC", "url": "https://source.android.com/security/bulletin/2021-06-01" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security@android.com", "ID": "CVE-2021-0512" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-787" } ] } ] }, "references": { "reference_data": [ { "name": "https://source.android.com/security/bulletin/2021-06-01", "refsource": "MISC", "tags": [ "Patch", "Vendor Advisory" ], "url": "https://source.android.com/security/bulletin/2021-06-01" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 1.8, "impactScore": 5.9 } }, "lastModifiedDate": "2021-06-23T18:04Z", "publishedDate": "2021-06-21T17:15Z" } } }
SSA-770721
Vulnerability from csaf_siemens
Published
2024-03-12 00:00
Modified
2024-03-12 00:00
Summary
SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2
Notes
Summary
SIMATIC RF160B contain multiple vulnerabilities of different types that could allow an attacker to execute arbitrary code within the context of a privileged process.
Siemens has released a new version for SIMATIC RF160B and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)", "tlp": { "label": "WHITE" } }, "lang": "en", "notes": [ { "category": "summary", "text": "SIMATIC RF160B contain multiple vulnerabilities of different types that could allow an attacker to execute arbitrary code within the context of a privileged process.\n\nSiemens has released a new version for SIMATIC RF160B and recommends to update to the latest version.", "title": "Summary" }, { "category": "general", "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "title": "General Recommendations" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "productcert@siemens.com", "name": "Siemens ProductCERT", "namespace": "https://www.siemens.com" }, "references": [ { "category": "self", "summary": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2 - HTML Version", "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" }, { "category": "self", "summary": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-770721.json" }, { "category": "self", "summary": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2 - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-770721.pdf" }, { "category": "self", "summary": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2 - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-770721.txt" } ], "title": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2", "tracking": { "current_release_date": "2024-03-12T00:00:00Z", "generator": { "engine": { "name": "Siemens ProductCERT CSAF Generator", "version": "1" } }, "id": "SSA-770721", "initial_release_date": "2024-03-12T00:00:00Z", "revision_history": [ { "date": "2024-03-12T00:00:00Z", "legacy_version": "1.0", "number": "1", "summary": "Publication Date" } ], "status": "interim", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003cV2.2", "product": { "name": "SIMATIC RF160B (6GT2003-0FA00)", "product_id": "1", "product_identification_helper": { "model_numbers": [ "6GT2003-0FA00" ] } } } ], "category": "product_name", "name": "SIMATIC RF160B (6GT2003-0FA00)" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-14491", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "An attacker could cause a crash or potentially execute arbitrary code by sending specially crafted DNS responses to the DNSmasq process. In order to exploit this vulnerability, an attacker must be able to trigger DNS requests from the device, and must be in a privileged position to inject malicious DNS responses.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2017-14491" }, { "cve": "CVE-2017-18509", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2017-18509" }, { "cve": "CVE-2020-0338", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-123700107", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-0338" }, { "cve": "CVE-2020-0417", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-154319182", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-0417" }, { "cve": "CVE-2020-10768", "cwe": { "id": "CWE-440", "name": "Expected Behavior Violation" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being \u0027force disabled\u0027 when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-10768" }, { "cve": "CVE-2020-11301", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-11301" }, { "cve": "CVE-2020-14305", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An out-of-bounds memory write flaw was found in how the Linux kernel\u2019s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-14305" }, { "cve": "CVE-2020-14381", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u2019s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-14381" }, { "cve": "CVE-2020-15436", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-15436" }, { "cve": "CVE-2020-24587", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 2.6, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-24587" }, { "cve": "CVE-2020-25705", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "notes": [ { "category": "summary", "text": "A flaw in ICMP packets in the Linux kernel was found to allow to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-25705" }, { "cve": "CVE-2020-26555", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-26555" }, { "cve": "CVE-2020-26558", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-26558" }, { "cve": "CVE-2020-29660", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-29660" }, { "cve": "CVE-2020-29661", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-29661" }, { "cve": "CVE-2021-0302", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-155287782", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0302" }, { "cve": "CVE-2021-0305", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-154015447", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0305" }, { "cve": "CVE-2021-0325", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-174238784", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0325" }, { "cve": "CVE-2021-0326", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0326" }, { "cve": "CVE-2021-0327", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "summary", "text": "In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-172935267", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0327" }, { "cve": "CVE-2021-0328", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172670415", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0328" }, { "cve": "CVE-2021-0329", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-171400004", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0329" }, { "cve": "CVE-2021-0330", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-170732441", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0330" }, { "cve": "CVE-2021-0331", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-170731783", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0331" }, { "cve": "CVE-2021-0333", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-168504491", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0333" }, { "cve": "CVE-2021-0334", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-163358811", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0334" }, { "cve": "CVE-2021-0336", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-158219161", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0336" }, { "cve": "CVE-2021-0337", "cwe": { "id": "CWE-312", "name": "Cleartext Storage of Sensitive Information" }, "notes": [ { "category": "summary", "text": "In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-157474195", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0337" }, { "cve": "CVE-2021-0339", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-145728687", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0339" }, { "cve": "CVE-2021-0341", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0341" }, { "cve": "CVE-2021-0390", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174749461", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0390" }, { "cve": "CVE-2021-0391", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-172841550", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0391" }, { "cve": "CVE-2021-0392", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-175124730", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0392" }, { "cve": "CVE-2021-0393", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-168041375", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0393" }, { "cve": "CVE-2021-0394", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-172655291", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0394" }, { "cve": "CVE-2021-0396", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-160610106", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0396" }, { "cve": "CVE-2021-0397", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0397" }, { "cve": "CVE-2021-0399", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176919394References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0399" }, { "cve": "CVE-2021-0400", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-177561690", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0400" }, { "cve": "CVE-2021-0429", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-175074139", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0429" }, { "cve": "CVE-2021-0431", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174149901", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0431" }, { "cve": "CVE-2021-0433", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege and pairing malicious devices with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171221090", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0433" }, { "cve": "CVE-2021-0434", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-167403112", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0434" }, { "cve": "CVE-2021-0435", "cwe": { "id": "CWE-665", "name": "Improper Initialization" }, "notes": [ { "category": "summary", "text": "In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174150451", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0435" }, { "cve": "CVE-2021-0436", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-176496160", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0436" }, { "cve": "CVE-2021-0437", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176168330", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0437" }, { "cve": "CVE-2021-0438", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-152064592", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0438" }, { "cve": "CVE-2021-0443", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. This could lead to local information disclosure across user profiles with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-170474245", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0443" }, { "cve": "CVE-2021-0444", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-178825358", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0444" }, { "cve": "CVE-2021-0471", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444786", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0471" }, { "cve": "CVE-2021-0473", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "summary", "text": "In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179687208", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0473" }, { "cve": "CVE-2021-0474", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-177611958", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0474" }, { "cve": "CVE-2021-0476", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-169252501", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0476" }, { "cve": "CVE-2021-0478", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-169255797", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0478" }, { "cve": "CVE-2021-0480", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-174493336", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0480" }, { "cve": "CVE-2021-0481", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-172939189", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0481" }, { "cve": "CVE-2021-0484", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-173720767", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0484" }, { "cve": "CVE-2021-0506", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-181962311", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0506" }, { "cve": "CVE-2021-0507", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181860042", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0507" }, { "cve": "CVE-2021-0508", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-176444154", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0508" }, { "cve": "CVE-2021-0509", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444161", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0509" }, { "cve": "CVE-2021-0510", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444622", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0510" }, { "cve": "CVE-2021-0511", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-178055795", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0511" }, { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0512" }, { "cve": "CVE-2021-0513", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-156090809", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0513" }, { "cve": "CVE-2021-0514", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9 Android-11 Android-8.1Android ID: A-162604069", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0514" }, { "cve": "CVE-2021-0515", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-167389063", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0515" }, { "cve": "CVE-2021-0516", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181660448", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0516" }, { "cve": "CVE-2021-0519", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-176533109", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0519" }, { "cve": "CVE-2021-0520", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-176237595", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0520" }, { "cve": "CVE-2021-0521", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of cross-user permissions with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174661955", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0521" }, { "cve": "CVE-2021-0522", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-174182139", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0522" }, { "cve": "CVE-2021-0584", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In verifyBufferObject of Parcel.cpp, there is a possible out of bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-179289794", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0584" }, { "cve": "CVE-2021-0585", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In beginWrite and beginRead of MessageQueueBase.h, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-184963385", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0585" }, { "cve": "CVE-2021-0586", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-182584940", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0586" }, { "cve": "CVE-2021-0587", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In StreamOut::prepareForWriting of StreamOut.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185259758", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0587" }, { "cve": "CVE-2021-0588", "cwe": { "id": "CWE-668", "name": "Exposure of Resource to Wrong Sphere" }, "notes": [ { "category": "summary", "text": "In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID: A-177238342", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0588" }, { "cve": "CVE-2021-0589", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180939982", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0589" }, { "cve": "CVE-2021-0591", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179386960", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0591" }, { "cve": "CVE-2021-0593", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a privileged broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-179386068", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0593" }, { "cve": "CVE-2021-0594", "cwe": { "id": "CWE-74", "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)" }, "notes": [ { "category": "summary", "text": "In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176445224", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0594" }, { "cve": "CVE-2021-0596", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181346550", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0596" }, { "cve": "CVE-2021-0597", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-176496502", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0597" }, { "cve": "CVE-2021-0598", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180422108", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0598" }, { "cve": "CVE-2021-0599", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a sensitive identifier via broadcasted intent due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-175614289", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0599" }, { "cve": "CVE-2021-0600", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-179042963", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0600" }, { "cve": "CVE-2021-0601", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In encodeFrames of avc_enc_fuzzer.cpp, there is a possible out of bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-180643802", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0601" }, { "cve": "CVE-2021-0604", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179910660", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0604" }, { "cve": "CVE-2021-0640", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-187957589", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0640" }, { "cve": "CVE-2021-0641", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185235454", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0641" }, { "cve": "CVE-2021-0642", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-185126149", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0642" }, { "cve": "CVE-2021-0646", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In sqlite3_str_vappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process\u0027s SQL with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-153352319", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0646" }, { "cve": "CVE-2021-0650", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-190286685", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0650" }, { "cve": "CVE-2021-0651", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In loadLabel of PackageItemInfo.java, there is a possible way to DoS a device by having a long label in an app due to incorrect input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-67013844", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0651" }, { "cve": "CVE-2021-0652", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185178568", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0652" }, { "cve": "CVE-2021-0653", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-177931370", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0653" }, { "cve": "CVE-2021-0682", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-159624555", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0682" }, { "cve": "CVE-2021-0683", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-185398942", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0683" }, { "cve": "CVE-2021-0684", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-179839665", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0684" }, { "cve": "CVE-2021-0687", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "notes": [ { "category": "summary", "text": "In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-188913943", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0687" }, { "cve": "CVE-2021-0688", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-161149543", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0688" }, { "cve": "CVE-2021-0689", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-190188264", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0689" }, { "cve": "CVE-2021-0690", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-182152757", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0690" }, { "cve": "CVE-2021-0692", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-179289753", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0692" }, { "cve": "CVE-2021-0695", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In get_sock_stat of xt_qtaguid.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-184018316References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0695" }, { "cve": "CVE-2021-0704", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "notes": [ { "category": "summary", "text": "In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-179338675", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0704" }, { "cve": "CVE-2021-0706", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In startListening of PluginManagerImpl.java, there is a possible way to disable arbitrary app components due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-193444889", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0706" }, { "cve": "CVE-2021-0708", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-183262161", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0708" }, { "cve": "CVE-2021-0870", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-192472262", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0870" }, { "cve": "CVE-2021-0919", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-197336441", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0919" }, { "cve": "CVE-2021-0920", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0920" }, { "cve": "CVE-2021-0926", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-191053931", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0926" }, { "cve": "CVE-2021-0928", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-188675581", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0928" }, { "cve": "CVE-2021-0929", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-187527909References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0929" }, { "cve": "CVE-2021-0930", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-181660091", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0930" }, { "cve": "CVE-2021-0931", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-180747689", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0931" }, { "cve": "CVE-2021-0933", "cwe": { "id": "CWE-116", "name": "Improper Encoding or Escaping of Output" }, "notes": [ { "category": "summary", "text": "In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the user into accepting pairing of a malicious Bluetooth device, with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-172251622", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0933" }, { "cve": "CVE-2021-0952", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user\u0027s contacts with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-195748381", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0952" }, { "cve": "CVE-2021-0953", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "notes": [ { "category": "summary", "text": "In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-184046278", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0953" }, { "cve": "CVE-2021-0961", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196046570References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0961" }, { "cve": "CVE-2021-0963", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-199754277", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0963" }, { "cve": "CVE-2021-0964", "cwe": { "id": "CWE-681", "name": "Incorrect Conversion between Numeric Types" }, "notes": [ { "category": "summary", "text": "In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-193363621", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0964" }, { "cve": "CVE-2021-0965", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194300867", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0965" }, { "cve": "CVE-2021-0967", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-199065614", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0967" }, { "cve": "CVE-2021-0968", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In osi_malloc and osi_calloc of allocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-197868577", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0968" }, { "cve": "CVE-2021-0970", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-196970023", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0970" }, { "cve": "CVE-2021-1972", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "notes": [ { "category": "summary", "text": "Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-1972" }, { "cve": "CVE-2021-1976", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-1976" }, { "cve": "CVE-2021-29647", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-29647" }, { "cve": "CVE-2021-33909", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-33909" }, { "cve": "CVE-2021-38204", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-38204" }, { "cve": "CVE-2021-39621", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126319", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39621" }, { "cve": "CVE-2021-39623", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194105348", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39623" }, { "cve": "CVE-2021-39626", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194695497", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39626" }, { "cve": "CVE-2021-39627", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126549", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39627" }, { "cve": "CVE-2021-39629", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-197353344", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39629" }, { "cve": "CVE-2021-39633", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150694665References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39633" }, { "cve": "CVE-2021-39634", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39634" }, { "cve": "CVE-2022-20127", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221862119", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20127" }, { "cve": "CVE-2022-20130", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224314979", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20130" }, { "cve": "CVE-2022-20227", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In USB driver, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216825460References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20227" }, { "cve": "CVE-2022-20229", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20229" }, { "cve": "CVE-2022-20355", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-219498290", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20355" }, { "cve": "CVE-2022-20411", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-232023771", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20411" }, { "cve": "CVE-2022-20421", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20421" }, { "cve": "CVE-2022-20422", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20422" }, { "cve": "CVE-2022-20423", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In rndis_set_response of rndis.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239842288References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20423" }, { "cve": "CVE-2022-20462", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-230356196", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20462" }, { "cve": "CVE-2022-20466", "cwe": { "id": "CWE-1188", "name": "Initialization of a Resource with an Insecure Default" }, "notes": [ { "category": "summary", "text": "In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user\u0027s password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-179725730", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20466" }, { "cve": "CVE-2022-20468", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In BNEP_ConnectResp of bnep_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-228450451", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20468" }, { "cve": "CVE-2022-20469", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-230867224", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20469" }, { "cve": "CVE-2022-20472", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239210579", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20472" }, { "cve": "CVE-2022-20473", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239267173", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20473" }, { "cve": "CVE-2022-20476", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "summary", "text": "In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-240936919", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20476" }, { "cve": "CVE-2022-20483", "cwe": { "id": "CWE-191", "name": "Integer Underflow (Wrap or Wraparound)" }, "notes": [ { "category": "summary", "text": "In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242459126", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20483" }, { "cve": "CVE-2022-20498", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246465319", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20498" }, { "cve": "CVE-2022-20500", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246540168", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20500" } ] }
ssa-770721
Vulnerability from csaf_siemens
Published
2024-03-12 00:00
Modified
2024-03-12 00:00
Summary
SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2
Notes
Summary
SIMATIC RF160B contain multiple vulnerabilities of different types that could allow an attacker to execute arbitrary code within the context of a privileged process.
Siemens has released a new version for SIMATIC RF160B and recommends to update to the latest version.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
{ "document": { "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited. (TLPv2: TLP:CLEAR)", "tlp": { "label": "WHITE" } }, "lang": "en", "notes": [ { "category": "summary", "text": "SIMATIC RF160B contain multiple vulnerabilities of different types that could allow an attacker to execute arbitrary code within the context of a privileged process.\n\nSiemens has released a new version for SIMATIC RF160B and recommends to update to the latest version.", "title": "Summary" }, { "category": "general", "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "title": "General Recommendations" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "Siemens Security Advisories are subject to the terms and conditions contained in Siemens\u0027 underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens\u0027 Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "productcert@siemens.com", "name": "Siemens ProductCERT", "namespace": "https://www.siemens.com" }, "references": [ { "category": "self", "summary": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2 - HTML Version", "url": "https://cert-portal.siemens.com/productcert/html/ssa-770721.html" }, { "category": "self", "summary": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2 - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-770721.json" }, { "category": "self", "summary": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2 - PDF Version", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-770721.pdf" }, { "category": "self", "summary": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2 - TXT Version", "url": "https://cert-portal.siemens.com/productcert/txt/ssa-770721.txt" } ], "title": "SSA-770721: Multiple Vulnerabilities in SIMATIC RF160B before V2.2", "tracking": { "current_release_date": "2024-03-12T00:00:00Z", "generator": { "engine": { "name": "Siemens ProductCERT CSAF Generator", "version": "1" } }, "id": "SSA-770721", "initial_release_date": "2024-03-12T00:00:00Z", "revision_history": [ { "date": "2024-03-12T00:00:00Z", "legacy_version": "1.0", "number": "1", "summary": "Publication Date" } ], "status": "interim", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003cV2.2", "product": { "name": "SIMATIC RF160B (6GT2003-0FA00)", "product_id": "1", "product_identification_helper": { "model_numbers": [ "6GT2003-0FA00" ] } } } ], "category": "product_name", "name": "SIMATIC RF160B (6GT2003-0FA00)" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2017-14491", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "An attacker could cause a crash or potentially execute arbitrary code by sending specially crafted DNS responses to the DNSmasq process. In order to exploit this vulnerability, an attacker must be able to trigger DNS requests from the device, and must be in a privileged position to inject malicious DNS responses.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2017-14491" }, { "cve": "CVE-2017-18509", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2017-18509" }, { "cve": "CVE-2020-0338", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-123700107", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-0338" }, { "cve": "CVE-2020-0417", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-154319182", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-0417" }, { "cve": "CVE-2020-10768", "cwe": { "id": "CWE-440", "name": "Expected Behavior Violation" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being \u0027force disabled\u0027 when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-10768" }, { "cve": "CVE-2020-11301", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-11301" }, { "cve": "CVE-2020-14305", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "An out-of-bounds memory write flaw was found in how the Linux kernel\u2019s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-14305" }, { "cve": "CVE-2020-14381", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A flaw was found in the Linux kernel\u2019s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-14381" }, { "cve": "CVE-2020-15436", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-15436" }, { "cve": "CVE-2020-24587", "cwe": { "id": "CWE-326", "name": "Inadequate Encryption Strength" }, "notes": [ { "category": "summary", "text": "The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn\u0027t require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 2.6, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-24587" }, { "cve": "CVE-2020-25705", "cwe": { "id": "CWE-330", "name": "Use of Insufficiently Random Values" }, "notes": [ { "category": "summary", "text": "A flaw in ICMP packets in the Linux kernel was found to allow to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.4, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-25705" }, { "cve": "CVE-2020-26555", "cwe": { "id": "CWE-863", "name": "Incorrect Authorization" }, "notes": [ { "category": "summary", "text": "Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-26555" }, { "cve": "CVE-2020-26558", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.2, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-26558" }, { "cve": "CVE-2020-29660", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-29660" }, { "cve": "CVE-2020-29661", "cwe": { "id": "CWE-667", "name": "Improper Locking" }, "notes": [ { "category": "summary", "text": "A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2020-29661" }, { "cve": "CVE-2021-0302", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-155287782", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0302" }, { "cve": "CVE-2021-0305", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-154015447", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0305" }, { "cve": "CVE-2021-0325", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-174238784", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0325" }, { "cve": "CVE-2021-0326", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In p2p_copy_client_info of p2p.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi Direct search, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172937525", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0326" }, { "cve": "CVE-2021-0327", "cwe": { "id": "CWE-269", "name": "Improper Privilege Management" }, "notes": [ { "category": "summary", "text": "In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-172935267", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0327" }, { "cve": "CVE-2021-0328", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172670415", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0328" }, { "cve": "CVE-2021-0329", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In several native functions called by AdvertiseManager.java, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-171400004", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0329" }, { "cve": "CVE-2021-0330", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-170732441", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0330" }, { "cve": "CVE-2021-0331", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-170731783", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0331" }, { "cve": "CVE-2021-0333", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-168504491", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0333" }, { "cve": "CVE-2021-0334", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-163358811", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0334" }, { "cve": "CVE-2021-0336", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-158219161", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0336" }, { "cve": "CVE-2021-0337", "cwe": { "id": "CWE-312", "name": "Cleartext Storage of Sensitive Information" }, "notes": [ { "category": "summary", "text": "In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-157474195", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0337" }, { "cve": "CVE-2021-0339", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-145728687", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0339" }, { "cve": "CVE-2021-0341", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "notes": [ { "category": "summary", "text": "In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0341" }, { "cve": "CVE-2021-0390", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174749461", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0390" }, { "cve": "CVE-2021-0391", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-172841550", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0391" }, { "cve": "CVE-2021-0392", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-175124730", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0392" }, { "cve": "CVE-2021-0393", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-168041375", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0393" }, { "cve": "CVE-2021-0394", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-172655291", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0394" }, { "cve": "CVE-2021-0396", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-160610106", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0396" }, { "cve": "CVE-2021-0397", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0397" }, { "cve": "CVE-2021-0399", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176919394References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0399" }, { "cve": "CVE-2021-0400", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-177561690", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0400" }, { "cve": "CVE-2021-0429", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-175074139", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0429" }, { "cve": "CVE-2021-0431", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174149901", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0431" }, { "cve": "CVE-2021-0433", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege and pairing malicious devices with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171221090", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0433" }, { "cve": "CVE-2021-0434", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-167403112", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0434" }, { "cve": "CVE-2021-0435", "cwe": { "id": "CWE-665", "name": "Improper Initialization" }, "notes": [ { "category": "summary", "text": "In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174150451", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0435" }, { "cve": "CVE-2021-0436", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-176496160", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0436" }, { "cve": "CVE-2021-0437", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176168330", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0437" }, { "cve": "CVE-2021-0438", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-152064592", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0438" }, { "cve": "CVE-2021-0443", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. This could lead to local information disclosure across user profiles with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-170474245", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0443" }, { "cve": "CVE-2021-0444", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-178825358", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0444" }, { "cve": "CVE-2021-0471", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444786", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0471" }, { "cve": "CVE-2021-0473", "cwe": { "id": "CWE-908", "name": "Use of Uninitialized Resource" }, "notes": [ { "category": "summary", "text": "In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179687208", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0473" }, { "cve": "CVE-2021-0474", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avrc_msg_cback of avrc_api.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-177611958", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0474" }, { "cve": "CVE-2021-0476", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-169252501", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0476" }, { "cve": "CVE-2021-0478", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-169255797", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0478" }, { "cve": "CVE-2021-0480", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-174493336", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0480" }, { "cve": "CVE-2021-0481", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-172939189", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0481" }, { "cve": "CVE-2021-0484", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-173720767", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0484" }, { "cve": "CVE-2021-0506", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-181962311", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0506" }, { "cve": "CVE-2021-0507", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181860042", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0507" }, { "cve": "CVE-2021-0508", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-176444154", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0508" }, { "cve": "CVE-2021-0509", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444161", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0509" }, { "cve": "CVE-2021-0510", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-176444622", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0510" }, { "cve": "CVE-2021-0511", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-178055795", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0511" }, { "cve": "CVE-2021-0512", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0512" }, { "cve": "CVE-2021-0513", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-156090809", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0513" }, { "cve": "CVE-2021-0514", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9 Android-11 Android-8.1Android ID: A-162604069", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0514" }, { "cve": "CVE-2021-0515", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-167389063", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0515" }, { "cve": "CVE-2021-0516", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181660448", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0516" }, { "cve": "CVE-2021-0519", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-176533109", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0519" }, { "cve": "CVE-2021-0520", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-176237595", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0520" }, { "cve": "CVE-2021-0521", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of cross-user permissions with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174661955", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0521" }, { "cve": "CVE-2021-0522", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out of bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-174182139", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0522" }, { "cve": "CVE-2021-0584", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In verifyBufferObject of Parcel.cpp, there is a possible out of bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-179289794", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0584" }, { "cve": "CVE-2021-0585", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In beginWrite and beginRead of MessageQueueBase.h, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-184963385", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.7, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0585" }, { "cve": "CVE-2021-0586", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-182584940", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0586" }, { "cve": "CVE-2021-0587", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In StreamOut::prepareForWriting of StreamOut.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185259758", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0587" }, { "cve": "CVE-2021-0588", "cwe": { "id": "CWE-668", "name": "Exposure of Resource to Wrong Sphere" }, "notes": [ { "category": "summary", "text": "In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID: A-177238342", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0588" }, { "cve": "CVE-2021-0589", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180939982", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0589" }, { "cve": "CVE-2021-0591", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179386960", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0591" }, { "cve": "CVE-2021-0593", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a privileged broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-179386068", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0593" }, { "cve": "CVE-2021-0594", "cwe": { "id": "CWE-74", "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)" }, "notes": [ { "category": "summary", "text": "In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-176445224", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0594" }, { "cve": "CVE-2021-0596", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-181346550", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0596" }, { "cve": "CVE-2021-0597", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-176496502", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0597" }, { "cve": "CVE-2021-0598", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-180422108", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.3, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0598" }, { "cve": "CVE-2021-0599", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a sensitive identifier via broadcasted intent due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-175614289", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0599" }, { "cve": "CVE-2021-0600", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-179042963", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0600" }, { "cve": "CVE-2021-0601", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In encodeFrames of avc_enc_fuzzer.cpp, there is a possible out of bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-180643802", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0601" }, { "cve": "CVE-2021-0604", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179910660", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0604" }, { "cve": "CVE-2021-0640", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In noteAtomLogged of StatsdStats.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-187957589", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0640" }, { "cve": "CVE-2021-0641", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185235454", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0641" }, { "cve": "CVE-2021-0642", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-185126149", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0642" }, { "cve": "CVE-2021-0646", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In sqlite3_str_vappendf of sqlite3.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process\u0027s SQL with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-153352319", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0646" }, { "cve": "CVE-2021-0650", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-190286685", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0650" }, { "cve": "CVE-2021-0651", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In loadLabel of PackageItemInfo.java, there is a possible way to DoS a device by having a long label in an app due to incorrect input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-67013844", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0651" }, { "cve": "CVE-2021-0652", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing of not thread-safe objects. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-185178568", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0652" }, { "cve": "CVE-2021-0653", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-177931370", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0653" }, { "cve": "CVE-2021-0682", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-159624555", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0682" }, { "cve": "CVE-2021-0683", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In runTraceIpcStop of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-185398942", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0683" }, { "cve": "CVE-2021-0684", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-179839665", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0684" }, { "cve": "CVE-2021-0687", "cwe": { "id": "CWE-834", "name": "Excessive Iteration" }, "notes": [ { "category": "summary", "text": "In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-188913943", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0687" }, { "cve": "CVE-2021-0688", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-161149543", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0688" }, { "cve": "CVE-2021-0689", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-190188264", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0689" }, { "cve": "CVE-2021-0690", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-182152757", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0690" }, { "cve": "CVE-2021-0692", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-9 Android-10Android ID: A-179289753", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0692" }, { "cve": "CVE-2021-0695", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In get_sock_stat of xt_qtaguid.c, there is a possible out of bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-184018316References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0695" }, { "cve": "CVE-2021-0704", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "notes": [ { "category": "summary", "text": "In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-179338675", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0704" }, { "cve": "CVE-2021-0706", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In startListening of PluginManagerImpl.java, there is a possible way to disable arbitrary app components due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-193444889", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0706" }, { "cve": "CVE-2021-0708", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In runDumpHeap of ActivityManagerShellCommand.java, there is a possible deletion of system files due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-183262161", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0708" }, { "cve": "CVE-2021-0870", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In RW_SetActivatedTagType of rw_main.cc, there is possible memory corruption due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-192472262", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0870" }, { "cve": "CVE-2021-0919", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-197336441", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0919" }, { "cve": "CVE-2021-0920", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0920" }, { "cve": "CVE-2021-0926", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-191053931", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0926" }, { "cve": "CVE-2021-0928", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-9Android ID: A-188675581", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0928" }, { "cve": "CVE-2021-0929", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-187527909References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0929" }, { "cve": "CVE-2021-0930", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-181660091", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0930" }, { "cve": "CVE-2021-0931", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-180747689", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0931" }, { "cve": "CVE-2021-0933", "cwe": { "id": "CWE-116", "name": "Improper Encoding or Escaping of Output" }, "notes": [ { "category": "summary", "text": "In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the user into accepting pairing of a malicious Bluetooth device, with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-172251622", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0933" }, { "cve": "CVE-2021-0952", "cwe": { "id": "CWE-311", "name": "Missing Encryption of Sensitive Data" }, "notes": [ { "category": "summary", "text": "In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user\u0027s contacts with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-195748381", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.0, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0952" }, { "cve": "CVE-2021-0953", "cwe": { "id": "CWE-281", "name": "Improper Preservation of Permissions" }, "notes": [ { "category": "summary", "text": "In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-184046278", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0953" }, { "cve": "CVE-2021-0961", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196046570References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0961" }, { "cve": "CVE-2021-0963", "cwe": { "id": "CWE-1021", "name": "Improper Restriction of Rendered UI Layers or Frames" }, "notes": [ { "category": "summary", "text": "In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-199754277", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.1, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0963" }, { "cve": "CVE-2021-0964", "cwe": { "id": "CWE-681", "name": "Incorrect Conversion between Numeric Types" }, "notes": [ { "category": "summary", "text": "In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-193363621", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0964" }, { "cve": "CVE-2021-0965", "cwe": { "id": "CWE-862", "name": "Missing Authorization" }, "notes": [ { "category": "summary", "text": "In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user\u0027s consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194300867", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0965" }, { "cve": "CVE-2021-0967", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In vorbis_book_decodev_set of codebook.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-199065614", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0967" }, { "cve": "CVE-2021-0968", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In osi_malloc and osi_calloc of allocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-197868577", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0968" }, { "cve": "CVE-2021-0970", "cwe": { "id": "CWE-502", "name": "Deserialization of Untrusted Data" }, "notes": [ { "category": "summary", "text": "In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-196970023", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-0970" }, { "cve": "CVE-2021-1972", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "notes": [ { "category": "summary", "text": "Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-1972" }, { "cve": "CVE-2021-1976", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice \u0026 Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-1976" }, { "cve": "CVE-2021-29647", "cwe": { "id": "CWE-909", "name": "Missing Initialization of Resource" }, "notes": [ { "category": "summary", "text": "An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-29647" }, { "cve": "CVE-2021-33909", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-33909" }, { "cve": "CVE-2021-38204", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.8, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-38204" }, { "cve": "CVE-2021-39621", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126319", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39621" }, { "cve": "CVE-2021-39623", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In doRead of SimpleDecodingSource.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194105348", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39623" }, { "cve": "CVE-2021-39626", "cwe": { "id": "CWE-610", "name": "Externally Controlled Reference to a Resource in Another Sphere" }, "notes": [ { "category": "summary", "text": "In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194695497", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39626" }, { "cve": "CVE-2021-39627", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "notes": [ { "category": "summary", "text": "In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126549", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39627" }, { "cve": "CVE-2021-39629", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-197353344", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39629" }, { "cve": "CVE-2021-39633", "cwe": { "id": "CWE-119", "name": "Improper Restriction of Operations within the Bounds of a Memory Buffer" }, "notes": [ { "category": "summary", "text": "In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150694665References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39633" }, { "cve": "CVE-2021-39634", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204450605References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2021-39634" }, { "cve": "CVE-2022-20127", "cwe": { "id": "CWE-415", "name": "Double Free" }, "notes": [ { "category": "summary", "text": "In ce_t4t_data_cback of ce_t4t.cc, there is a possible out of bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221862119", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20127" }, { "cve": "CVE-2022-20130", "cwe": { "id": "CWE-754", "name": "Improper Check for Unusual or Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224314979", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20130" }, { "cve": "CVE-2022-20227", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In USB driver, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216825460References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20227" }, { "cve": "CVE-2022-20229", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20229" }, { "cve": "CVE-2022-20355", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-219498290", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20355" }, { "cve": "CVE-2022-20411", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-232023771", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20411" }, { "cve": "CVE-2022-20421", "cwe": { "id": "CWE-416", "name": "Use After Free" }, "notes": [ { "category": "summary", "text": "In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630375References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20421" }, { "cve": "CVE-2022-20422", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237540956References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.0, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20422" }, { "cve": "CVE-2022-20423", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "notes": [ { "category": "summary", "text": "In rndis_set_response of rndis.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239842288References: Upstream kernel", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20423" }, { "cve": "CVE-2022-20462", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-230356196", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20462" }, { "cve": "CVE-2022-20466", "cwe": { "id": "CWE-1188", "name": "Initialization of a Resource with an Insecure Default" }, "notes": [ { "category": "summary", "text": "In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user\u0027s password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-179725730", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20466" }, { "cve": "CVE-2022-20468", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In BNEP_ConnectResp of bnep_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-228450451", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20468" }, { "cve": "CVE-2022-20469", "cwe": { "id": "CWE-787", "name": "Out-of-bounds Write" }, "notes": [ { "category": "summary", "text": "In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-230867224", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 8.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20469" }, { "cve": "CVE-2022-20472", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239210579", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20472" }, { "cve": "CVE-2022-20473", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239267173", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20473" }, { "cve": "CVE-2022-20476", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "notes": [ { "category": "summary", "text": "In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-240936919", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20476" }, { "cve": "CVE-2022-20483", "cwe": { "id": "CWE-191", "name": "Integer Underflow (Wrap or Wraparound)" }, "notes": [ { "category": "summary", "text": "In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242459126", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20483" }, { "cve": "CVE-2022-20498", "cwe": { "id": "CWE-125", "name": "Out-of-bounds Read" }, "notes": [ { "category": "summary", "text": "In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246465319", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 4.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20498" }, { "cve": "CVE-2022-20500", "cwe": { "id": "CWE-755", "name": "Improper Handling of Exceptional Conditions" }, "notes": [ { "category": "summary", "text": "In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246540168", "title": "Summary" } ], "product_status": { "known_affected": [ "1" ] }, "remediations": [ { "category": "vendor_fix", "details": "Update to V2.2 or later version", "product_ids": [ "1" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", "version": "3.1" }, "products": [ "1" ] } ], "title": "CVE-2022-20500" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.