[RHSA-2022:1988-01] Important: kernel security, bug fix, and enhancement update
Security announcements for all Red Hat products and services.
rhsa-announce at redhat.com
Tue May 10 16:25:59 UTC 2022
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2022:1988-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1988
Issue date: 2022-05-10
CVE Names: CVE-2020-0404 CVE-2020-4788 CVE-2020-13974
CVE-2020-27820 CVE-2021-0941 CVE-2021-3612
CVE-2021-3669 CVE-2021-3743 CVE-2021-3744
CVE-2021-3752 CVE-2021-3759 CVE-2021-3764
CVE-2021-3772 CVE-2021-3773 CVE-2021-4002
CVE-2021-4037 CVE-2021-4083 CVE-2021-4157
CVE-2021-4197 CVE-2021-4203 CVE-2021-20322
CVE-2021-21781 CVE-2021-26401 CVE-2021-29154
CVE-2021-37159 CVE-2021-41864 CVE-2021-42739
CVE-2021-43056 CVE-2021-43389 CVE-2021-43976
CVE-2021-44733 CVE-2021-45485 CVE-2021-45486
CVE-2022-0001 CVE-2022-0002 CVE-2022-0286
CVE-2022-0322 CVE-2022-1011
=====================================================================
1. Summary:
An update for kernel is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
* kernel: fget: check that the fd still exists after getting a ref to it
(CVE-2021-4083)
* kernel: avoid cyclic entity chains due to malformed USB descriptors
(CVE-2020-0404)
* kernel: speculation on incompletely validated data on IBM Power9
(CVE-2020-4788)
* kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c
(CVE-2020-13974)
* kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a
use-after-free (CVE-2021-0941)
* kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()
(CVE-2021-3612)
* kernel: reading /proc/sysvipc/shm does not scale with large shared memory
segment counts (CVE-2021-3669)
* kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c
(CVE-2021-3743)
* kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
(CVE-2021-3744)
* kernel: possible use-after-free in bluetooth module (CVE-2021-3752)
* kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg
limits and DoS attacks (CVE-2021-3759)
* kernel: DoS in ccp_run_aes_gcm_cmd() function (CVE-2021-3764)
* kernel: sctp: Invalid chunks may be used to remotely remove existing
associations (CVE-2021-3772)
* kernel: lack of port sanity checking in natd and netfilter leads to
exploit of OpenVPN clients (CVE-2021-3773)
* kernel: possible leak or coruption of data residing on hugetlbfs
(CVE-2021-4002)
* kernel: security regression for CVE-2018-13405 (CVE-2021-4037)
* kernel: Buffer overwrite in decode_nfs_fh function (CVE-2021-4157)
* kernel: cgroup: Use open-time creds and namespace for migration perm
checks (CVE-2021-4197)
* kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses
(CVE-2021-4203)
* kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed
packets replies (CVE-2021-20322)
* kernel: arm: SIGPAGE information disclosure vulnerability
(CVE-2021-21781)
* hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)
* kernel: Local privilege escalation due to incorrect BPF JIT branch
displacement computation (CVE-2021-29154)
* kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c
(CVE-2021-37159)
* kernel: eBPF multiplication integer overflow in
prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to
out-of-bounds write (CVE-2021-41864)
* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)
* kernel: ppc: kvm: allows a malicious KVM guest to crash the host
(CVE-2021-43056)
* kernel: an array-index-out-bounds in detach_capi_ctr in
drivers/isdn/capi/kcapi.c (CVE-2021-43389)
* kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c
allows an attacker to cause DoS via crafted USB device (CVE-2021-43976)
* kernel: use-after-free in the TEE subsystem (CVE-2021-44733)
* kernel: information leak in the IPv6 implementation (CVE-2021-45485)
* kernel: information leak in the IPv4 implementation (CVE-2021-45486)
* hw: cpu: intel: Branch History Injection (BHI) (CVE-2022-0001)
* hw: cpu: intel: Intra-Mode BTI (CVE-2022-0002)
* kernel: Local denial of service in bond_ipsec_add_sa (CVE-2022-0286)
* kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c
(CVE-2022-0322)
* kernel: FUSE allows UAF reads of write() buffers, allowing theft of
(partial) /etc/shadow hashes (CVE-2022-1011)
* kernel: use-after-free in nouveau kernel module (CVE-2020-27820)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.6 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
5. Bugs fixed (https://bugzilla.redhat.com/):
1888433 - CVE-2020-4788 kernel: speculation on incompletely validated data on IBM Power9
1901726 - CVE-2020-27820 kernel: use-after-free in nouveau kernel module
1919791 - CVE-2020-0404 kernel: avoid cyclic entity chains due to malformed USB descriptors
1946684 - CVE-2021-29154 kernel: Local privilege escalation due to incorrect BPF JIT branch displacement computation
1951739 - CVE-2021-42739 kernel: Heap buffer overflow in firedtv driver
1957375 - [RFE] x86, tsc: Add kcmdline args for skipping tsc calibration sequences
1974079 - CVE-2021-3612 kernel: joydev: zero size passed to joydev_handle_JSIOCSBTNMAP()
1981950 - CVE-2021-21781 kernel: arm: SIGPAGE information disclosure vulnerability
1983894 - Hostnetwork pod to service backed by hostnetwork on the same node is not working with OVN Kubernetes
1985353 - CVE-2021-37159 kernel: use-after-free in hso_free_net_device() in drivers/net/usb/hso.c
1986473 - CVE-2021-3669 kernel: reading /proc/sysvipc/shm does not scale with large shared memory segment counts
1994390 - FIPS: deadlock between PID 1 and "modprobe crypto-jitterentropy_rng" at boot, preventing system to boot
1997338 - block: update to upstream v5.14
1997467 - CVE-2021-3764 kernel: DoS in ccp_run_aes_gcm_cmd() function
1997961 - CVE-2021-3743 kernel: out-of-bound Read in qrtr_endpoint_post in net/qrtr/qrtr.c
1999544 - CVE-2021-3752 kernel: possible use-after-free in bluetooth module
1999675 - CVE-2021-3759 kernel: unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks
2000627 - CVE-2021-3744 kernel: crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()
2000694 - CVE-2021-3772 kernel: sctp: Invalid chunks may be used to remotely remove existing associations
2004949 - CVE-2021-3773 kernel: lack of port sanity checking in natd and netfilter leads to exploit of OpenVPN clients
2009312 - Incorrect system time reported by the cpu guest statistics (PPC only).
2009521 - XFS: sync to upstream v5.11
2010463 - CVE-2021-41864 kernel: eBPF multiplication integer overflow in prealloc_elems_and_freelist() in kernel/bpf/stackmap.c leads to out-of-bounds write
2011104 - statfs reports wrong free space for small quotas
2013180 - CVE-2021-43389 kernel: an array-index-out-bounds in detach_capi_ctr in drivers/isdn/capi/kcapi.c
2014230 - CVE-2021-20322 kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies
2015525 - SCTP peel-off with SELinux and containers in OCP
2015755 - zram: zram leak with warning when running zram02.sh in ltp
2016169 - CVE-2020-13974 kernel: integer overflow in k_ascii() in drivers/tty/vt/keyboard.c
2017073 - CVE-2021-43056 kernel: ppc: kvm: allows a malicious KVM guest to crash the host
2017796 - ceph omnibus backport for RHEL-8.6.0
2018205 - CVE-2021-0941 kernel: out-of-bounds read in bpf_skb_change_head() of filter.c due to a use-after-free
2022814 - Rebase the input and HID stack in 8.6 to v5.15
2025003 - CVE-2021-43976 kernel: mwifiex_usb_recv() in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker to cause DoS via crafted USB device
2025726 - CVE-2021-4002 kernel: possible leak or coruption of data residing on hugetlbfs
2027239 - CVE-2021-4037 kernel: security regression for CVE-2018-13405
2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
2030476 - Kernel 4.18.0-348.2.1 secpath_cache memory leak involving strongswan tunnel
2030747 - CVE-2021-44733 kernel: use-after-free in the TEE subsystem
2031200 - rename(2) fails on subfolder mounts when the share path has a trailing slash
2034342 - CVE-2021-4157 kernel: Buffer overwrite in decode_nfs_fh function
2035652 - CVE-2021-4197 kernel: cgroup: Use open-time creds and namespace for migration perm checks
2036934 - CVE-2021-4203 kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses
2037019 - CVE-2022-0286 kernel: Local denial of service in bond_ipsec_add_sa
2039911 - CVE-2021-45485 kernel: information leak in the IPv6 implementation
2039914 - CVE-2021-45486 kernel: information leak in the IPv4 implementation
2042798 - [RHEL8.6][sfc] General sfc driver update
2042822 - CVE-2022-0322 kernel: DoS in sctp_addto_chunk in net/sctp/sm_make_chunk.c
2043453 - [RHEL8.6 wireless] stack & drivers general update to v5.16+
2046021 - kernel 4.18.0-358.el8 async dirops causes write errors with namespace restricted caps
2048251 - Selinux is not allowing SCTP connection setup between inter pod communication in enforcing mode
2061700 - CVE-2021-26401 hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715
2061712 - CVE-2022-0001 hw: cpu: intel: Branch History Injection (BHI)
2061721 - CVE-2022-0002 hw: cpu: intel: Intra-Mode BTI
2064855 - CVE-2022-1011 kernel: FUSE allows UAF reads of write() buffers, allowing theft of (partial) /etc/shadow hashes
6. Package List:
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
kernel-4.18.0-372.9.1.el8.src.rpm
aarch64:
bpftool-4.18.0-372.9.1.el8.aarch64.rpm
bpftool-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-4.18.0-372.9.1.el8.aarch64.rpm
kernel-core-4.18.0-372.9.1.el8.aarch64.rpm
kernel-cross-headers-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-core-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-devel-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-modules-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-modules-extra-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-372.9.1.el8.aarch64.rpm
kernel-devel-4.18.0-372.9.1.el8.aarch64.rpm
kernel-headers-4.18.0-372.9.1.el8.aarch64.rpm
kernel-modules-4.18.0-372.9.1.el8.aarch64.rpm
kernel-modules-extra-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-libs-4.18.0-372.9.1.el8.aarch64.rpm
perf-4.18.0-372.9.1.el8.aarch64.rpm
perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
python3-perf-4.18.0-372.9.1.el8.aarch64.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
noarch:
kernel-abi-stablelists-4.18.0-372.9.1.el8.noarch.rpm
kernel-doc-4.18.0-372.9.1.el8.noarch.rpm
ppc64le:
bpftool-4.18.0-372.9.1.el8.ppc64le.rpm
bpftool-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-core-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-cross-headers-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-core-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-devel-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-modules-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-devel-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-headers-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-modules-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-modules-extra-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-libs-4.18.0-372.9.1.el8.ppc64le.rpm
perf-4.18.0-372.9.1.el8.ppc64le.rpm
perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
python3-perf-4.18.0-372.9.1.el8.ppc64le.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
s390x:
bpftool-4.18.0-372.9.1.el8.s390x.rpm
bpftool-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-4.18.0-372.9.1.el8.s390x.rpm
kernel-core-4.18.0-372.9.1.el8.s390x.rpm
kernel-cross-headers-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-core-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-devel-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-modules-4.18.0-372.9.1.el8.s390x.rpm
kernel-debug-modules-extra-4.18.0-372.9.1.el8.s390x.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-372.9.1.el8.s390x.rpm
kernel-devel-4.18.0-372.9.1.el8.s390x.rpm
kernel-headers-4.18.0-372.9.1.el8.s390x.rpm
kernel-modules-4.18.0-372.9.1.el8.s390x.rpm
kernel-modules-extra-4.18.0-372.9.1.el8.s390x.rpm
kernel-tools-4.18.0-372.9.1.el8.s390x.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-core-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-devel-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-modules-4.18.0-372.9.1.el8.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-372.9.1.el8.s390x.rpm
perf-4.18.0-372.9.1.el8.s390x.rpm
perf-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
python3-perf-4.18.0-372.9.1.el8.s390x.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.s390x.rpm
x86_64:
bpftool-4.18.0-372.9.1.el8.x86_64.rpm
bpftool-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-4.18.0-372.9.1.el8.x86_64.rpm
kernel-core-4.18.0-372.9.1.el8.x86_64.rpm
kernel-cross-headers-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-core-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-devel-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-modules-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-modules-extra-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-372.9.1.el8.x86_64.rpm
kernel-devel-4.18.0-372.9.1.el8.x86_64.rpm
kernel-headers-4.18.0-372.9.1.el8.x86_64.rpm
kernel-modules-4.18.0-372.9.1.el8.x86_64.rpm
kernel-modules-extra-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-libs-4.18.0-372.9.1.el8.x86_64.rpm
perf-4.18.0-372.9.1.el8.x86_64.rpm
perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
python3-perf-4.18.0-372.9.1.el8.x86_64.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
aarch64:
bpftool-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
kernel-tools-libs-devel-4.18.0-372.9.1.el8.aarch64.rpm
perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.aarch64.rpm
ppc64le:
bpftool-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-372.9.1.el8.ppc64le.rpm
perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.ppc64le.rpm
x86_64:
bpftool-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debug-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
kernel-tools-libs-devel-4.18.0-372.9.1.el8.x86_64.rpm
perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
python3-perf-debuginfo-4.18.0-372.9.1.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2020-0404
https://access.redhat.com/security/cve/CVE-2020-4788
https://access.redhat.com/security/cve/CVE-2020-13974
https://access.redhat.com/security/cve/CVE-2020-27820
https://access.redhat.com/security/cve/CVE-2021-0941
https://access.redhat.com/security/cve/CVE-2021-3612
https://access.redhat.com/security/cve/CVE-2021-3669
https://access.redhat.com/security/cve/CVE-2021-3743
https://access.redhat.com/security/cve/CVE-2021-3744
https://access.redhat.com/security/cve/CVE-2021-3752
https://access.redhat.com/security/cve/CVE-2021-3759
https://access.redhat.com/security/cve/CVE-2021-3764
https://access.redhat.com/security/cve/CVE-2021-3772
https://access.redhat.com/security/cve/CVE-2021-3773
https://access.redhat.com/security/cve/CVE-2021-4002
https://access.redhat.com/security/cve/CVE-2021-4037
https://access.redhat.com/security/cve/CVE-2021-4083
https://access.redhat.com/security/cve/CVE-2021-4157
https://access.redhat.com/security/cve/CVE-2021-4197
https://access.redhat.com/security/cve/CVE-2021-4203
https://access.redhat.com/security/cve/CVE-2021-20322
https://access.redhat.com/security/cve/CVE-2021-21781
https://access.redhat.com/security/cve/CVE-2021-26401
https://access.redhat.com/security/cve/CVE-2021-29154
https://access.redhat.com/security/cve/CVE-2021-37159
https://access.redhat.com/security/cve/CVE-2021-41864
https://access.redhat.com/security/cve/CVE-2021-42739
https://access.redhat.com/security/cve/CVE-2021-43056
https://access.redhat.com/security/cve/CVE-2021-43389
https://access.redhat.com/security/cve/CVE-2021-43976
https://access.redhat.com/security/cve/CVE-2021-44733
https://access.redhat.com/security/cve/CVE-2021-45485
https://access.redhat.com/security/cve/CVE-2021-45486
https://access.redhat.com/security/cve/CVE-2022-0001
https://access.redhat.com/security/cve/CVE-2022-0002
https://access.redhat.com/security/cve/CVE-2022-0286
https://access.redhat.com/security/cve/CVE-2022-0322
https://access.redhat.com/security/cve/CVE-2022-1011
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/
8. Contact:
The Red Hat security contact is <secalert at redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYnqSF9zjgjWX9erEAQjBXQ/8DSpFUMNN6ZVFtli2KuVowVLS+14J0jtj
0zxpr0skJT8vVulU3VTeURBMdg9NAo9bj3R5KTk2+dC+AMuHET5aoVvaYmimBGKL
5qzpu7q9Z0aaD2I288suHCnYuRJnt+qKZtNa4hlcY92bN0tcYBonxsdIS2xM6xIu
GHNS8HNVUNz4PuCBfmbITvgX9Qx+iZQVlVccDBG5LDpVwgOtnrxHKbe5E499v/9M
oVoN+eV9ulHAZdCHWlUAahbsvEqDraCKNT0nHq/xO5dprPjAcjeKYMeaICtblRr8
k+IouGywaN+mW4sBjnaaiuw2eAtoXq/wHisX1iUdNkroqcx9NBshWMDBJnE4sxQJ
ZOSc8B6yjJItPvUI7eD3BDgoka/mdoyXTrg+9VRrir6vfDHPrFySLDrO1O5HM5fO
3sExCVO2VM7QMCGHJ1zXXX4szk4SV/PRsjEesvHOyR2xTKZZWMsXe1h9gYslbADd
tW0yco/G23xjxqOtMKuM/nShBChflMy9apssldiOfdqODJMv5d4rRpt0xgmtSOM6
qReveuQCasmNrGlAHgDwbtWz01fmSuk9eYDhZNmHA3gxhoHIV/y+wr0CLbOQtDxT
p79nhiqwUo5VMj/X30Lu0Wl3ptLuhRWamzTCkEEzdubr8aVsT4RRNQU3KfVFfpT1
MWp/2ui3i80=
=Fdgy
-----END PGP SIGNATURE-----
More information about the RHSA-announce
mailing list