RHSA-2021:3802: Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.<br>Security Fix(es):<br><li> kernel: Improper handling of VMIO|VMPFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543)</li> <li> kernel: SVM nested virtualization issue in KVM (AVIC support) (CVE-2021-3653)</li> <li> kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> Indefinite waiting for RCU callback while removing cgroup (BZ#1967844)</li> <li> kernel-rt: update to the latest RHEL7.9.z9 source tree (BZ#2002994)</li>
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:3802?
The severity of RHSA-2021:3802 is considered important due to its implications on system security.
How do I fix RHSA-2021:3802?
To fix RHSA-2021:3802, you should update to kernel-rt version 3.10.0-1160.45.1.rt56.1185.el7.
What vulnerability does RHSA-2021:3802 address?
RHSA-2021:3802 addresses CVE-2021-22543, which involves improper handling of VM_IO|VM_PFNMAP vmas in KVM.
Which packages are affected by RHSA-2021:3802?
RHSA-2021:3802 affects multiple kernel-rt packages, including kernel-rt, kernel-rt-debug, and kernel-rt-devel.
When was RHSA-2021:3802 released?
RHSA-2021:3802 was released to address security vulnerabilities in the Real Time Linux Kernel.