SB2021010611 - Red Hat Enterprise Linux 7 update for kernel

Security Bulletin ID SB2021010611

Severity

High

Patch available

YES

Number of vulnerabilities 3

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Race condition (CVE-ID: CVE-2018-20836)

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.

2) Use-after-free (CVE-ID: CVE-2019-15917)

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when hci_uart_register_dev() fails in hci_uart_set_proto() in drivers/bluetooth/hci_ldisc.c. A remote attacker with physical proximity to the system can send specially crafted Bluetoth data and execute arbitrary code.

3) Out-of-bounds write (CVE-ID: CVE-2019-20636)

The vulnerability allows a local privileged user to execute arbitrary code.

In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2021:0019

SB2021010611 - Red Hat Enterprise Linux 7 update for kernel

Breakdown by Severity

Description

Remediation

References

Please verify you're human