RHSA-2021:4140: Moderate: kernel-rt security and bug fix update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.Security Fix(es): kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427) kernel: Improper input validation in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24502) kernel: Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24503) kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers (CVE-2020-24504) kernel: Fragmentation cache not cleared on reconnection (CVE-2020-24586) kernel: Reassembling fragments encrypted under different keys (CVE-2020-24587) kernel: wifi frame payload being parsed incorrectly as an L2 frame (CVE-2020-24588) kernel: Forwarding EAPOL from unauthenticated wifi client (CVE-2020-26139) kernel: accepting plaintext data frames in protected networks (CVE-2020-26140) kernel: not verifying TKIP MIC of fragmented frames (CVE-2020-26141) kernel: accepting fragmented plaintext frames in protected networks (CVE-2020-26143) kernel: accepting unencrypted A-MSDU frames that start with RFC1042 header (CVE-2020-26144) kernel: accepting plaintext broadcast fragments as full frames (CVE-2020-26145) kernel: locking inconsistency in ttyio.c and ttyjobctrl.c can lead to a read-after-free (CVE-2020-29660) kernel: buffer overflow in mwifiexcmd80211adhocstart function via a long SSID value (CVE-2020-36158) kernel: slab out-of-bounds read in hciextendedinquiryresultevt() (CVE-2020-36386) kernel: Improper access control in BlueZ may allow information disclosure vulnerability. (CVE-2021-0129) kernel: Use-after-free in ndbqueuerq() (CVE-2021-3348) kernel: Linux kernel eBPF RINGBUF map oversized allocation (CVE-2021-3489) kernel: double free in bluetooth subsystem when the HCI device initialization fails (CVE-2021-3564) kernel: use-after-free in function hcisockboundioctl() (CVE-2021-3573) kernel: eBPF 32-bit source register truncation on div/mod (CVE-2021-3600) kernel: DoS in rbpercpuempty() (CVE-2021-3679) kernel: overlayfs: Mounting overlayfs inside an unprivileged user namespace can reveal files (CVE-2021-3732) kernel: heap overflow in cgroupbpfrunfiltergetsockopt() (CVE-2021-20194) kernel: Race condition in sctpdestroysock listdel (CVE-2021-23133) kernel: fuse: stall on CPU can occur because a retry loop continually finds the same bad inode (CVE-2021-28950) kernel: System crash in intelpmudrainpebsnhm (CVE-2021-28971) kernel: protection for sequences of pointer arithmetic operations against speculatively out-of-bounds loads can be bypassed to leak content of kernel memory (CVE-2021-29155) kernel: improper input validation in tipcnlretrievekey function (CVE-2021-29646) kernel: lack a full memory barrier upon the assignment of a new table value in xtables.h may lead to DoS (CVE-2021-29650) kernel: local escalation of privileges in handling of eBPF programs (CVE-2021-31440) kernel: protection of stack pointer against speculative pointer arithmetic can be bypassed to leak content of kernel memory (CVE-2021-31829) kernel: out-of-bounds reads and writes due to enforcing incorrect limits for pointer arithmetic operations by BPF verifier (CVE-2021-33200) kernel: reassembling encrypted fragments with non-consecutive packet numbers (CVE-2020-26146) kernel: reassembling mixed encrypted/plaintext fragments (CVE-2020-26147) kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check (CVE-2020-29368) kernel: flowtable list del corruption with kernel BUG (CVE-2021-3635) kernel: NULL pointer dereference in llseckeyalloc() (CVE-2021-3659) kernel: setsockopt System Call Untrusted Pointer Dereference Information Disclosure (CVE-2021-20239) kernel: out of bounds array access in drivers/md/dm-ioctl.c (CVE-2021-31916)