RHSA-2021:2316
Vulnerability from csaf_redhat - Published: 2021-06-08 22:44 - Updated: 2026-02-25 18:32Summary
Red Hat Security Advisory: kernel-rt security and bug fix update
Severity
Important
Notes
Topic: An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)
* kernel: Use after free via PI futex state (CVE-2021-3347)
* kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648)
* kernel: Improper input validation in some Intel(R) Graphics Drivers (CVE-2020-12363)
* kernel: Null pointer dereference in some Intel(R) Graphics Drivers (CVE-2020-12364)
* kernel: Speculation on pointer arithmetic against bpf_context pointer (CVE-2020-27170)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* lru-add-drain workqueue on RT is allocated without being used (BZ#1894587)
* kernel-rt: update to the latest RHEL7.9.z source tree (BZ#1953118)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system.
7.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2316
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernel. An integer overflow in the firmware for some Intel(R) Graphics Drivers may allow a privileged user to potentially enable an escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2316
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.
A flaw was found in the Linux kernel. Improper input validation in some Intel(R) Graphics Drivers may allow a privileged user to potentially enable a denial of service via local access.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2316
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Null pointer reference in some Intel(R) Graphics Drivers for Microsoft Windows and the Linux kernel may allow a privileged user to potentially enable a denial of service via local access.
5.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2316
Workaround
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the Linux kernels eBPF verification code. By default accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A local user with the ability to insert eBPF instructions can use the eBPF verifier to abuse a spectre like flaw where they can infer all system memory.
4.7 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2316
Workaround
The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.
For the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.
For the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:
# cat /proc/sys/kernel/unprivileged_bpf_disabled
The setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.
A kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.
A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.0 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
https://access.redhat.com/errata/RHSA-2021:2316
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)\n\n* kernel: Use after free via PI futex state (CVE-2021-3347)\n\n* kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648)\n\n* kernel: Improper input validation in some Intel(R) Graphics Drivers (CVE-2020-12363)\n\n* kernel: Null pointer dereference in some Intel(R) Graphics Drivers (CVE-2020-12364)\n\n* kernel: Speculation on pointer arithmetic against bpf_context pointer (CVE-2020-27170)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* lru-add-drain workqueue on RT is allocated without being used (BZ#1894587)\n\n* kernel-rt: update to the latest RHEL7.9.z source tree (BZ#1953118)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:2316",
"url": "https://access.redhat.com/errata/RHSA-2021:2316"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1802559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802559"
},
{
"category": "external",
"summary": "1894587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894587"
},
{
"category": "external",
"summary": "1922249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922249"
},
{
"category": "external",
"summary": "1930246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930246"
},
{
"category": "external",
"summary": "1930249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930249"
},
{
"category": "external",
"summary": "1930251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930251"
},
{
"category": "external",
"summary": "1940627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940627"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_2316.json"
}
],
"title": "Red Hat Security Advisory: kernel-rt security and bug fix update",
"tracking": {
"current_release_date": "2026-02-25T18:32:16+00:00",
"generator": {
"date": "2026-02-25T18:32:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2021:2316",
"initial_release_date": "2021-06-08T22:44:01+00:00",
"revision_history": [
{
"date": "2021-06-08T22:44:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-06-08T22:44:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-25T18:32:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_rt:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for Real Time (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_rt:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"product": {
"name": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"product_id": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-1160.31.1.rt56.1169.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-devel@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-devel@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-devel@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-kvm@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-debuginfo@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debug-kvm-debuginfo@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-debuginfo-common-x86_64@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-kvm-debuginfo@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-debuginfo@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product": {
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_id": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-trace-kvm-debuginfo@3.10.0-1160.31.1.rt56.1169.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"product": {
"name": "kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"product_id": "kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-rt-doc@3.10.0-1160.31.1.rt56.1169.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src"
},
"product_reference": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch"
},
"product_reference": "kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time for NFV (v. 7)",
"product_id": "7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-NFV-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src"
},
"product_reference": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch"
},
"product_reference": "kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64 as a component of Red Hat Enterprise Linux for Real Time (v. 7)",
"product_id": "7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
},
"product_reference": "kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"relates_to_product_reference": "7Server-RT-7.9.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-8648",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-02-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1802559"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the Linux kernel console driver when using the copy-paste buffer. This flaw allows a local user to crash the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is moderate, because of the need of additional privileges (usually local console user).",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8648"
},
{
"category": "external",
"summary": "RHBZ#1802559",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802559"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8648",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8648"
}
],
"release_date": "2020-01-30T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:44:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2316"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c"
},
{
"cve": "CVE-2020-12362",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2021-02-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930246"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. An integer overflow in the firmware for some Intel(R) Graphics Drivers may allow a privileged user to potentially enable an escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Integer overflow in Intel(R) Graphics Drivers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Only users that specify i915.enable_guc=-1 or i915.enable_guc=1 or 2 are open to be exploited by this issue.\n\nDue to the full fix (combination of kernel and firmware updates) being invasive and GUC firmware loading is off by default, Red Hat Enterprise Linux kernel versions prior to the Linux kernel version shipped with Red Hat Enterprise Linux 8.4 GA (kernel-4.18.0-305.el8) print a warning in the kernel log (\"GUC firmware is insecure - CVE 2020-12362 - Please update to a newer release to get secure GUC\") and do not rely on the firmware fix. As a result, Red Hat Enterprise Linux versions prior Red Hat Enterprise Linux 8.4 GA (including Red Hat Enterprise Linux 6 and 7) do not include the updated firmware packages.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12362"
},
{
"category": "external",
"summary": "RHBZ#1930246",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930246"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12362"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:44:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2316"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Integer overflow in Intel(R) Graphics Drivers"
},
{
"cve": "CVE-2020-12363",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-02-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930249"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. Improper input validation in some Intel(R) Graphics Drivers may allow a privileged user to potentially enable a denial of service via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Improper input validation in some Intel(R) Graphics Drivers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To fix this issue a combination of linux-firmware and kernel update is required to be installed on the system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12363"
},
{
"category": "external",
"summary": "RHBZ#1930249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930249"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12363",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12363"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12363",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12363"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:44:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2316"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Improper input validation in some Intel(R) Graphics Drivers"
},
{
"cve": "CVE-2020-12364",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2021-02-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1930251"
}
],
"notes": [
{
"category": "description",
"text": "Null pointer reference in some Intel(R) Graphics Drivers for Microsoft Windows and the Linux kernel may allow a privileged user to potentially enable a denial of service via local access.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Null pointer dereference in some Intel(R) Graphics Drivers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To fix this issue a combination of linux-firmware and kernel update is required to be installed on the system.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-12364"
},
{
"category": "external",
"summary": "RHBZ#1930251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930251"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12364",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12364"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12364",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12364"
},
{
"category": "external",
"summary": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html"
}
],
"release_date": "2021-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:44:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2316"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Null pointer dereference in some Intel(R) Graphics Drivers"
},
{
"cve": "CVE-2020-27170",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2021-03-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1940627"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernels eBPF verification code. By default accessing the eBPF verifier is only accessible to privileged users with CAP_SYS_ADMIN. A local user with the ability to insert eBPF instructions can use the eBPF verifier to abuse a spectre like flaw where they can infer all system memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Speculation on pointer arithmetic against bpf_context pointer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27170"
},
{
"category": "external",
"summary": "RHBZ#1940627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1940627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27170",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27170"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27170",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27170"
}
],
"release_date": "2021-03-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:44:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2316"
},
{
"category": "workaround",
"details": "The default Red Hat Enterprise Linux kernel prevents unprivileged users from being able to use eBPF by the kernel.unprivileged_bpf_disabled sysctl. This would require a privileged user with CAP_SYS_ADMIN or root to be able to abuse this flaw reducing its attack space.\n\nFor the Red Hat Enterprise Linux 7 the eBPF for unprivileged users is always disabled.\nFor the Red Hat Enterprise Linux 8 to confirm the current state, inspect the sysctl with the command:\n\n# cat /proc/sys/kernel/unprivileged_bpf_disabled\n\nThe setting of 1 would mean that unprivileged users can not use eBPF, mitigating the flaw.\n\nA kernel update will be required to mitigate the flaw for the root or users with CAP_SYS_ADMIN capabilities.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kernel: Speculation on pointer arithmetic against bpf_context pointer"
},
{
"cve": "CVE-2021-3347",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2021-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1922249"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allowing a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use after free via PI futex state",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3347"
},
{
"category": "external",
"summary": "RHBZ#1922249",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922249"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3347",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3347"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3347",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3347"
}
],
"release_date": "2021-01-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-06-08T22:44:01+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2316"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-NFV-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-NFV-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-NFV-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.src",
"7Server-RT-7.9.Z:kernel-rt-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debug-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-debuginfo-common-x86_64-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-doc-0:3.10.0-1160.31.1.rt56.1169.el7.noarch",
"7Server-RT-7.9.Z:kernel-rt-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-devel-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64",
"7Server-RT-7.9.Z:kernel-rt-trace-kvm-debuginfo-0:3.10.0-1160.31.1.rt56.1169.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Use after free via PI futex state"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…