RHSA-2021:3328: Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):
* kernel: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c (CVE-2021-22555)
* kernel: race condition for removal of the HCI controller (CVE-2021-32399)
* kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation (CVE-2021-29154)
* kernel: lack a full memory barrier upon the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS (CVE-2021-29650)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):
* kernel-rt: update to the latest RHEL7.9.z8 source tree (BZ#1982927)
Frequently Asked Questions
What is the severity of RHSA-2021:3328?
The severity of RHSA-2021:3328 is classified as important due to an out-of-bounds write vulnerability in the kernel.
How do I fix RHSA-2021:3328?
To fix RHSA-2021:3328, update the kernel-rt packages to version 3.10.0-1160.41.1.rt56.1181.el7.
What systems are affected by RHSA-2021:3328?
RHSA-2021:3328 affects systems running the kernel-rt packages prior to version 3.10.0-1160.41.1.rt56.1181.el7.
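To check a host against the fixed build named above, the following script (an added example, not part of the advisory or of Red Hat's tooling) compares every installed kernel-rt build and the running kernel with 3.10.0-1160.41.1.rt56.1181.el7. The function names are hypothetical, and GNU `sort -V` is assumed as a stand-in for RPM's own version comparison.

```shell
#!/bin/sh
# Added example: audit kernel-rt builds against the fixed build in RHSA-2021:3328.
FIXED="3.10.0-1160.41.1.rt56.1181.el7"   # version-release taken from the advisory

# is_fixed VERSION-RELEASE
# Succeeds when the build is at or above FIXED. Assumption: GNU sort -V orders
# same-stream el7 kernel-rt builds the same way RPM does.
is_fixed() {
    lowest=$(printf '%s\n%s\n' "$1" "$FIXED" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED" ]
}

# status VERSION-RELEASE: print a one-word verdict for reports.
status() {
    if is_fixed "$1"; then echo "fixed"; else echo "vulnerable"; fi
}

# strip_arch KERNEL-RELEASE: drop the trailing ".x86_64" that uname -r appends.
strip_arch() {
    echo "${1%.*}"
}

# audit_host: report every installed kernel-rt build and the running kernel.
audit_host() {
    if rpm -q kernel-rt >/dev/null 2>&1; then
        rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-rt | while read -r vr; do
            echo "installed kernel-rt $vr: $(status "$vr")"
        done
    else
        echo "kernel-rt is not installed"
    fi
    running=$(strip_arch "$(uname -r)")
    case "$running" in
        *.rt*) echo "running kernel $running: $(status "$running")" ;;
        *)     echo "running kernel $running is not a kernel-rt build" ;;
    esac
}

# Run the audit only where rpm is available.
if command -v rpm >/dev/null 2>&1; then
    audit_host
fi
```

A host that reports a fixed installed build but a vulnerable running kernel has the update on disk and is still executing the old kernel until it is rebooted into the new one.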
What vulnerability does RHSA-2021:3328 address?
RHSA-2021:3328 addresses CVE-2021-22555, which is an out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c.
Is RHSA-2021:3328 related to security risks in real-time systems?
Yes, RHSA-2021:3328 is important for real-time systems as it mitigates a security risk that could impact system determinism.