RHSA-2021:3438: Moderate: kernel security and bug fix update
Published Sep 7, 2021
·Updated
The kernel packages contain the Linux kernel, the core of any Linux operating system.Security Fix(es): kernel: use-after-free in route4change() in net/sched/clsroute.c (CVE-2021-3715) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.Bug Fix(es): [RHEL 7.8][s390x][DASD]Crash in listdelentry, aliaspavgroup list corrupt when running dasdaliasremovedevice() (BZ#1889418) EMBARGOED CVE-2021-3715 kernel: use-after-free in route4change() in net/sched/clsroute.c (BZ#1992926)
Affected Software
61 affected componentsFixes available
redhat/kernel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/bpftool<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/bpftool-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-abi-whitelists<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debug<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debug-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debug-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-doc<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-headers<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools-libs<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools-libs-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/perf<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/perf-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/python-perf<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/python-perf-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/bpftool<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/bpftool-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debug<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debug-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debug-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debuginfo-common-s390x<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-headers<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-kdump<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-kdump-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-kdump-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/perf<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/perf-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/python-perf<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/python-perf-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-bootwrapper<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debuginfo-common-ppc64<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools-libs<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools-libs-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/bpftool<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/bpftool-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-bootwrapper<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debug<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debug-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debug-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-debuginfo-common-ppc64le<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-headers<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools-libs<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/kernel-tools-libs-devel<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/perf<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/perf-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/python-perf<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
redhat/python-perf-debuginfo<3.10.0-1160.42.2.el7
3.10.0-1160.42.2.el7
Remediation
Event History
Nov 30, 2025
Advisory Published
via Red Hat·08:14 AM
Data Sourced
via Red Hat·08:14 AM
RemedyDescriptionAffected Software
Frequently Asked Questions
1
What is the severity of RHSA-2021:3438?
The severity of RHSA-2021:3438 is classified as moderate.
2
How do I fix RHSA-2021:3438?
To fix RHSA-2021:3438, update your kernel packages to version 3.10.0-1160.42.2.el7 or later.
3
What vulnerability does RHSA-2021:3438 address?
RHSA-2021:3438 addresses a use-after-free vulnerability in route4_change() in net/sched/cls_route.c, identified as CVE-2021-3715.
4
Which packages are affected by RHSA-2021:3438?
The affected packages include kernel, bpftool, kernel-debug, and several others related to the kernel.
5
Is it necessary to restart the system after applying the fix for RHSA-2021:3438?
Yes, a system restart is necessary to ensure that the updated kernel is loaded after fixing RHSA-2021:3438.