ID

VAR-202103-0920


CVE

CVE-2021-27363


TITLE

Linux Kernel  Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2021-004361

DESCRIPTION

An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables. Linux Kernel Contains an unspecified vulnerability.Information is obtained and denial of service (DoS) It may be put into a state. ========================================================================= Ubuntu Security Notice USN-4901-1 April 06, 2021 linux-lts-trusty vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 ESM Summary: Several security issues were fixed in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365) It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. (CVE-2020-28374) Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 ESM: linux-image-3.13.0-185-generic 3.13.0-185.236~12.04.1 linux-image-generic-lts-trusty 3.13.0.185.170 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. Description: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2021:1427 All OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -between-minor.html#understanding-upgrade-channels_updating-cluster-between - -minor 3. Solution: For OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update: https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel ease-notes.html Details on how to access this content are available at https://docs.openshift.com/container-platform/4.6/updating/updating-cluster - -cli.html 4. Bugs fixed (https://bugzilla.redhat.com/): 1887664 - CVE-2020-25649 jackson-databind: FasterXML DOMDeserializer insecure entity expansion is vulnerable to XML external entity (XXE) 1941768 - Reports that has specified a retention should not be requeued in the sync handler 1954163 - Placeholder bug for OCP 4.6.0 extras release 5. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kernel security and bug fix update Advisory ID: RHSA-2021:1071-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:1071 Issue date: 2021-04-06 CVE Names: CVE-2021-27363 CVE-2021-27364 CVE-2021-27365 ==================================================================== 1. Summary: An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Security Fix(es): * kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) * kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) * kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Customer testing eMMC sees and intermittent boot problem on 7.8+, was not seen on 7.3 (BZ#1918916) * tcm loopback driver causes double-start of scsi command when work is delayed (BZ#1925652) * [Azure][RHEL-7]Mellanox Patches To Prevent Kernel Hang In MLX4 (BZ#1925691) * A patch from upstream c365c292d059 causes us to end up leaving rt_nr_boosted in an inconsistent state, which causes a hard lockup. (BZ#1928082) * [RHEL7.9.z] Add fix to update snd_wl1 in bulk receiver fast path (BZ#1929804) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect. 5. Bugs fixed (https://bugzilla.redhat.com/): 1930078 - CVE-2021-27365 kernel: heap buffer overflow in the iSCSI subsystem 1930079 - CVE-2021-27363 kernel: iscsi: unrestricted access to sessions and handles 1930080 - CVE-2021-27364 kernel: out-of-bounds read in libiscsi module 6. Package List: Red Hat Enterprise Linux Client (v. 7): Source: kernel-3.10.0-1160.24.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpm kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.24.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpm perf-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Client Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode (v. 7): Source: kernel-3.10.0-1160.24.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpm kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.24.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpm perf-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Server (v. 7): Source: kernel-3.10.0-1160.24.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpm kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm ppc64: bpftool-3.10.0-1160.24.1.el7.ppc64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-3.10.0-1160.24.1.el7.ppc64.rpm kernel-bootwrapper-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debug-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.24.1.el7.ppc64.rpm kernel-devel-3.10.0-1160.24.1.el7.ppc64.rpm kernel-headers-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.ppc64.rpm perf-3.10.0-1160.24.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm python-perf-3.10.0-1160.24.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm ppc64le: bpftool-3.10.0-1160.24.1.el7.ppc64le.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-bootwrapper-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debug-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-devel-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-headers-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.ppc64le.rpm perf-3.10.0-1160.24.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm python-perf-3.10.0-1160.24.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm s390x: bpftool-3.10.0-1160.24.1.el7.s390x.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm kernel-3.10.0-1160.24.1.el7.s390x.rpm kernel-debug-3.10.0-1160.24.1.el7.s390x.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.s390x.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm kernel-debuginfo-common-s390x-3.10.0-1160.24.1.el7.s390x.rpm kernel-devel-3.10.0-1160.24.1.el7.s390x.rpm kernel-headers-3.10.0-1160.24.1.el7.s390x.rpm kernel-kdump-3.10.0-1160.24.1.el7.s390x.rpm kernel-kdump-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm kernel-kdump-devel-3.10.0-1160.24.1.el7.s390x.rpm perf-3.10.0-1160.24.1.el7.s390x.rpm perf-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm python-perf-3.10.0-1160.24.1.el7.s390x.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.s390x.rpm x86_64: bpftool-3.10.0-1160.24.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpm perf-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: bpftool-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-debuginfo-common-ppc64-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.ppc64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.ppc64.rpm ppc64le: bpftool-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-debuginfo-common-ppc64le-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.ppc64le.rpm perf-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.ppc64le.rpm x86_64: bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: kernel-3.10.0-1160.24.1.el7.src.rpm noarch: kernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpm kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm x86_64: bpftool-3.10.0-1160.24.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpm perf-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 7): x86_64: bpftool-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.24.1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-27363 https://access.redhat.com/security/cve/CVE-2021-27364 https://access.redhat.com/security/cve/CVE-2021-27365 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYGwp7tzjgjWX9erEAQgQXQ//b1YLCLj3RXDop9pRP30zQj7xj3xDYBK5 7FLTR7K6HVYynrzKBJ87TyJkuhaPpTi8452HYHjLaYt6VYa+j1Jr+PVQr+ZaO+Rz iSRl3Sr5NYynAt9g2vNp6tfeeYPddVSpDpxkUr84EDRZ9Jg8tYtLkanRT9cH02gs +TYPCUZn/2Ii6YQjksIZmv6VVUZepMaO/kDDEi89ivGCffaMvS70Z86498XawgeM eJttBvztEv5K6wvaRtnJegmeonYKxouP1FYDyXh+WAG6zjQDcUEWUKgwdGGn+mXb k4T6F/ktCAx7wSKgt4kMvVmvzOc5jScJ2V0aK3rvm5LnqHoNin5syGOIHm6BM5Jp KTO6MGa9ex7xQdz/pNU/4aqxtKK0G4ceL8xjEGpei5U0gIEXuK4KFySa1bDQa2Xd eN2VtwzajY2tvCe7FrKuwKGb6HyIQK39C8hUHsD2x+JwLCxb12DWBY0ulJzh2C2l LPwWFWMhJqH2GG2wIKh6msCQOMJOGO3zwLtkGMj5dXrmDBHhkkT1FZnL0DdDxL3m JGija+Tr50EFGBFZvS1brChBEqwHqklkUQ3nWVXDj8ipRXJMOOGHbssw9FqnX01B qF414rmDTU1tBHc7bPo8/q5zMXKV5vOixRplzs0sw0hlBJKjvlpVpDMiseo3crlj ghAOW9EzFXk=pxZs -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . 7.7) - ppc64, ppc64le, x86_64 3. Bug Fix(es): * memcg: mem_cgroup_idr can be updated in an uncoordinated manner which can lead to corruption (BZ#1931899) * [infiniband] Backport Request to fix Multicast Sendonly joins (BZ#1937819) * [Azure][RHEL-7]Mellanox Patches To Prevent Kernel Hang In MLX4 (BZ#1939791) 4

Trust: 2.25

sources: NVD: CVE-2021-27363 // JVNDB: JVNDB-2021-004361 // VULHUB: VHN-386598 // PACKETSTORM: 162115 // PACKETSTORM: 162478 // PACKETSTORM: 162098 // PACKETSTORM: 161973 // PACKETSTORM: 162528 // PACKETSTORM: 161909

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:lteversion:5.11.3

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:9.0

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:debianmodel:gnu/linuxscope: - version: -

Trust: 0.8

vendor:linuxmodel:kernelscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-004361 // NVD: CVE-2021-27363

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-27363
value: MEDIUM

Trust: 1.0

NVD: CVE-2021-27363
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202103-523
value: MEDIUM

Trust: 0.6

VULHUB: VHN-386598
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-27363
severity: LOW
baseScore: 3.6
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-386598
severity: LOW
baseScore: 3.6
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 4.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-27363
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: 1.8
impactScore: 2.5
version: 3.1

Trust: 1.0

NVD: CVE-2021-27363
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: LOW
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-386598 // JVNDB: JVNDB-2021-004361 // CNNVD: CNNVD-202103-523 // NVD: CVE-2021-27363

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD Evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2021-004361 // NVD: CVE-2021-27363

THREAT TYPE

local

Trust: 0.9

sources: PACKETSTORM: 162115 // PACKETSTORM: 161973 // PACKETSTORM: 161909 // CNNVD: CNNVD-202103-523

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202103-523

PATCH

title:iscsiurl:https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html

Trust: 0.8

sources: JVNDB: JVNDB-2021-004361

EXTERNAL IDS

db:NVDid:CVE-2021-27363

Trust: 3.1

db:OPENWALLid:OSS-SECURITY/2021/03/06/1

Trust: 2.5

db:PACKETSTORMid:162117

Trust: 1.7

db:PACKETSTORMid:162478

Trust: 0.8

db:PACKETSTORMid:162528

Trust: 0.8

db:PACKETSTORMid:161909

Trust: 0.8

db:JVNDBid:JVNDB-2021-004361

Trust: 0.8

db:PACKETSTORMid:161952

Trust: 0.7

db:PACKETSTORMid:162341

Trust: 0.7

db:PACKETSTORMid:162095

Trust: 0.7

db:PACKETSTORMid:162151

Trust: 0.7

db:PACKETSTORMid:162383

Trust: 0.7

db:PACKETSTORMid:162108

Trust: 0.7

db:PACKETSTORMid:162242

Trust: 0.7

db:PACKETSTORMid:162337

Trust: 0.7

db:CNNVDid:CNNVD-202103-523

Trust: 0.7

db:AUSCERTid:ESB-2021.1589

Trust: 0.6

db:AUSCERTid:ESB-2021.1694

Trust: 0.6

db:AUSCERTid:ESB-2021.1655

Trust: 0.6

db:AUSCERTid:ESB-2021.0837

Trust: 0.6

db:AUSCERTid:ESB-2021.1406

Trust: 0.6

db:AUSCERTid:ESB-2021.1339

Trust: 0.6

db:AUSCERTid:ESB-2021.1224

Trust: 0.6

db:AUSCERTid:ESB-2021.1307

Trust: 0.6

db:AUSCERTid:ESB-2021.1184

Trust: 0.6

db:AUSCERTid:ESB-2021.1002

Trust: 0.6

db:AUSCERTid:ESB-2021.2589

Trust: 0.6

db:AUSCERTid:ESB-2022.3346

Trust: 0.6

db:AUSCERTid:ESB-2021.1558

Trust: 0.6

db:AUSCERTid:ESB-2021.1299

Trust: 0.6

db:AUSCERTid:ESB-2021.1635

Trust: 0.6

db:AUSCERTid:ESB-2021.2136

Trust: 0.6

db:AUSCERTid:ESB-2021.1445

Trust: 0.6

db:AUSCERTid:ESB-2021.0981

Trust: 0.6

db:AUSCERTid:ESB-2021.1212

Trust: 0.6

db:AUSCERTid:ESB-2021.1151

Trust: 0.6

db:AUSCERTid:ESB-2021.1669

Trust: 0.6

db:AUSCERTid:ESB-2021.2781

Trust: 0.6

db:AUSCERTid:ESB-2021.1101

Trust: 0.6

db:CS-HELPid:SB2021051001

Trust: 0.6

db:CS-HELPid:SB2021042828

Trust: 0.6

db:CS-HELPid:SB2021050609

Trust: 0.6

db:CS-HELPid:SB2021041608

Trust: 0.6

db:CS-HELPid:SB2021041223

Trust: 0.6

db:CS-HELPid:SB2021051317

Trust: 0.6

db:CS-HELPid:SB2021042136

Trust: 0.6

db:PACKETSTORMid:162115

Trust: 0.2

db:PACKETSTORMid:161973

Trust: 0.2

db:PACKETSTORMid:162098

Trust: 0.2

db:PACKETSTORMid:162246

Trust: 0.1

db:PACKETSTORMid:162156

Trust: 0.1

db:PACKETSTORMid:162247

Trust: 0.1

db:PACKETSTORMid:162255

Trust: 0.1

db:PACKETSTORMid:162346

Trust: 0.1

db:PACKETSTORMid:162112

Trust: 0.1

db:VULHUBid:VHN-386598

Trust: 0.1

sources: VULHUB: VHN-386598 // JVNDB: JVNDB-2021-004361 // PACKETSTORM: 162115 // PACKETSTORM: 162478 // PACKETSTORM: 162098 // PACKETSTORM: 161973 // PACKETSTORM: 162528 // PACKETSTORM: 161909 // CNNVD: CNNVD-202103-523 // NVD: CVE-2021-27363

REFERENCES

url:http://www.openwall.com/lists/oss-security/2021/03/06/1

Trust: 2.5

url:https://nvd.nist.gov/vuln/detail/cve-2021-27363

Trust: 2.0

url:https://security.netapp.com/advisory/ntap-20210409-0001/

Trust: 1.7

url:http://packetstormsecurity.com/files/162117/kernel-live-patch-security-notice-lsn-0075-1.html

Trust: 1.7

url:https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html

Trust: 1.7

url:https://bugzilla.suse.com/show_bug.cgi?id=1182716

Trust: 1.7

url:https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html

Trust: 1.7

url:https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html

Trust: 1.7

url:https://access.redhat.com/security/cve/cve-2021-27363

Trust: 0.9

url:https://nvd.nist.gov/vuln/detail/cve-2021-27364

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-27365

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0837

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051001

Trust: 0.6

url:https://packetstormsecurity.com/files/162095/red-hat-security-advisory-2021-1070-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1589

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1445

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1307

Trust: 0.6

url:https://packetstormsecurity.com/files/162242/red-hat-security-advisory-2021-1267-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1406

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042828

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1669

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2781

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1151

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0981

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1212

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041223

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021042136

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1299

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1694

Trust: 0.6

url:https://packetstormsecurity.com/files/161952/ubuntu-security-notice-usn-4887-1.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021051317

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.3346

Trust: 0.6

url:https://packetstormsecurity.com/files/161909/ubuntu-security-notice-usn-4883-1.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021050609

Trust: 0.6

url:https://packetstormsecurity.com/files/162341/red-hat-security-advisory-2021-1373-01.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/linux-kernel-read-write-access-via-iscsi-show-transport-handle-34762

Trust: 0.6

url:https://packetstormsecurity.com/files/162108/red-hat-security-advisory-2021-1081-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-data-risk-manager-is-affected-by-multiple-vulnerabilities-4/

Trust: 0.6

url:https://packetstormsecurity.com/files/162151/red-hat-security-advisory-2021-1168-01.html

Trust: 0.6

url:https://packetstormsecurity.com/files/162478/red-hat-security-advisory-2021-1429-01.html

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021041608

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1558

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1635

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1655

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2589

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1339

Trust: 0.6

url:https://packetstormsecurity.com/files/162337/red-hat-security-advisory-2021-1369-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1184

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1224

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2136

Trust: 0.6

url:https://www.ibm.com/support/pages/node/6525030

Trust: 0.6

url:https://packetstormsecurity.com/files/162528/red-hat-security-advisory-2021-1531-01.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1002

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1101

Trust: 0.6

url:https://packetstormsecurity.com/files/162383/red-hat-security-advisory-2021-1448-01.html

Trust: 0.6

url:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-network-packet-capture-is-vulnerable-to-using-components-with-known-vulnerabilities-2/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2021-27364

Trust: 0.3

url:https://listman.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.3

url:https://access.redhat.com/security/team/contact/

Trust: 0.3

url:https://bugzilla.redhat.com/):

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2021-27365

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2020-28374

Trust: 0.2

url:https://access.redhat.com/security/team/key/

Trust: 0.2

url:https://access.redhat.com/articles/11258

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://ubuntu.com/security/notices/usn-4901-1

Trust: 0.1

url:https://access.redhat.com/errata/rhba-2021:1427

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-2163

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-20305

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3347

Trust: 0.1

url:https://access.redhat.com/security/updates/classification/#low

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1429

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25649

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.6/updating/updating-cluster

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3447

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-3447

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-3347

Trust: 0.1

url:https://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-rel

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2021-20305

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25649

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-2163

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1071

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-4889-1

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25211

Trust: 0.1

url:https://access.redhat.com/errata/rhsa-2021:1531

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-28374

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2020-25705

Trust: 0.1

url:https://access.redhat.com/security/cve/cve-2019-19532

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25705

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-25211

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19532

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1098.107

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1087.89

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws-hwe/4.15.0-1096.103~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/4.15.0-139.143

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1152.162

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1081.86

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-4883-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp-4.15/4.15.0-1095.108

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1090.99

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1110.122~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1095.108~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/4.4.0-206.238

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1124.138

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1096.103

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure-4.15/4.15.0-1110.122

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-139.143~16.04.1

Trust: 0.1

sources: VULHUB: VHN-386598 // JVNDB: JVNDB-2021-004361 // PACKETSTORM: 162115 // PACKETSTORM: 162478 // PACKETSTORM: 162098 // PACKETSTORM: 161973 // PACKETSTORM: 162528 // PACKETSTORM: 161909 // CNNVD: CNNVD-202103-523 // NVD: CVE-2021-27363

CREDITS

Red Hat

Trust: 0.9

sources: PACKETSTORM: 162478 // PACKETSTORM: 162098 // PACKETSTORM: 162528 // CNNVD: CNNVD-202103-523

SOURCES

db:VULHUBid:VHN-386598
db:JVNDBid:JVNDB-2021-004361
db:PACKETSTORMid:162115
db:PACKETSTORMid:162478
db:PACKETSTORMid:162098
db:PACKETSTORMid:161973
db:PACKETSTORMid:162528
db:PACKETSTORMid:161909
db:CNNVDid:CNNVD-202103-523
db:NVDid:CVE-2021-27363

LAST UPDATE DATE

2024-12-21T21:04:33.215000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-386598date:2022-05-23T00:00:00
db:JVNDBid:JVNDB-2021-004361date:2021-11-18T09:07:00
db:CNNVDid:CNNVD-202103-523date:2022-07-11T00:00:00
db:NVDid:CVE-2021-27363date:2024-11-21T05:57:50.513

SOURCES RELEASE DATE

db:VULHUBid:VHN-386598date:2021-03-07T00:00:00
db:JVNDBid:JVNDB-2021-004361date:2021-11-18T00:00:00
db:PACKETSTORMid:162115date:2021-04-07T20:09:28
db:PACKETSTORMid:162478date:2021-05-06T01:15:29
db:PACKETSTORMid:162098date:2021-04-06T14:36:05
db:PACKETSTORMid:161973date:2021-03-25T14:09:02
db:PACKETSTORMid:162528date:2021-05-11T15:20:32
db:PACKETSTORMid:161909date:2021-03-22T15:29:43
db:CNNVDid:CNNVD-202103-523date:2021-03-05T00:00:00
db:NVDid:CVE-2021-27363date:2021-03-07T04:15:13.330