Detections
Analytics
RHEL 7 : kernel (RHSA-2021:0856)
high Nessus Plugin ID 147835
Language:
Synopsis
The remote Red Hat host is missing one or more security updates for kernel.Description
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0856 advisory.The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)
* kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374)
* kernel: locking issue in drivers/tty/tty_jobctrl.c can lead to an use-after-free (CVE-2020-29661)
* kernel: malicious USB devices can lead to multiple out-of-bounds write (CVE-2019-19532)
* kernel: out-of-bounds reads in pinctrl subsystem. (CVE-2020-0427)
* kernel: use-after-free in i915_ppgtt_close in drivers/gpu/drm/i915/i915_gem_gtt.c (CVE-2020-7053)
* kernel: performance counters race condition use-after-free (CVE-2020-14351)
* kernel: Geneve/IPsec traffic may be unencrypted between two Geneve endpoints (CVE-2020-25645)
* kernel: use-after-free in read in vt_do_kdgkb_ioctl (CVE-2020-25656)
* kernel: ICMP rate limiting can be used for DNS poisoning attack (CVE-2020-25705)
* kernel: increase slab leak leads to DoS (CVE-2021-20265)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* BUG: scheduling while atomic: memory allocation under spinlock in scsi_register_device_handler() (BZ#1619147)
* WARNING in __iscsit_free_cmd during recovery Abort (BZ#1784540)
* lpfc does not issue adisc to fcp-2 devices, does not respond to nvme targer that send an adisc.
(BZ#1875961)
* Panic in semctl_nolock.constprop.15+0x25b (BZ#1877264)
* [RHEL 7.7][md]Crash due to invalid pool workqueue pointer, work queue race (BZ#1889372)
* Guest crash on intel CPU with -cpu host,-spec-ctrl,+ibpb (BZ#1890669)
* RHEL7.9 - kernel/uv: handle length extension properly (BZ#1899172)
* Commit b144f013fc16a06d7a4b9a4be668a3583fafeda2 'i40e: don't report link up for a VF who hasn't enabled queues' introducing issues with VM using DPDK (BZ#1901064)
* writing to /sys/devices/(...)/net/eno49/queues/tx-16/xps_cpus triggers kernel panic (BZ#1903819)
* [Hyper-V][RHEL-7.9]video: hyperv_fb: Fix the cache type when mapping the VRAM Edit (BZ#1908896)
* kvm-rhel7.9 [AMD] - system crash observed while powering on virtual machine with attached VF interfaces.
(BZ#1909036)
* kernel: nvme nvme7: Connect command failed, error wo/DNR bit: 2 (BZ#1910817)
* dm-mirror crashes from assuming underlying storage will have a non-NULL merge_bvec_fn (BZ#1916407)
* watchdog: use nmi registers snapshot in hardlockup handler (BZ#1916589)
* [DELL EMC 7.9 BUG] - Intel E810 NIC interfaces are not functional in RHEL 7.9 on system with AMD Rome CPUs (BZ#1918273)
* [DELL EMC BUG] RHEL system log shows AMD-Vi error when system connected with Gen 4 NVMe drives.
(BZ#1921187)
Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the RHEL kernel package based on the guidance in RHSA-2021:0856.See Also
http://www.nessus.org/u?0ac74f36
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/errata/RHSA-2021:0856
https://bugzilla.redhat.com/show_bug.cgi?id=1781821
https://bugzilla.redhat.com/show_bug.cgi?id=1795624
https://bugzilla.redhat.com/show_bug.cgi?id=1862849
https://bugzilla.redhat.com/show_bug.cgi?id=1877571
https://bugzilla.redhat.com/show_bug.cgi?id=1883988
https://bugzilla.redhat.com/show_bug.cgi?id=1888726
https://bugzilla.redhat.com/show_bug.cgi?id=1894579
https://bugzilla.redhat.com/show_bug.cgi?id=1899804
https://bugzilla.redhat.com/show_bug.cgi?id=1901064
https://bugzilla.redhat.com/show_bug.cgi?id=1906525
https://bugzilla.redhat.com/show_bug.cgi?id=1908827
Plugin Details
Severity: High
ID: 147835
File Name: redhat-RHSA-2021-0856.nasl
Version: 1.16
Type: local
Agent: unix
Family: Red Hat Local Security Checks
Published: 3/17/2021
Updated: 11/7/2024
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
Vendor
Vendor Severity: Important
CVSS v2
Risk Factor: High
Base Score: 7.2
Temporal Score: 5.6
Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2020-29661
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.3
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
CVSS Score Source: CVE-2020-28374
Vulnerability Information
CPE: p-cpe:/a:redhat:enterprise_linux:bpftool, p-cpe:/a:redhat:enterprise_linux:kernel-tools, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-kdump, p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs, p-cpe:/a:redhat:enterprise_linux:python-perf, p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:redhat:enterprise_linux:perf
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/16/2021
Vulnerability Publication Date: 12/3/2019
Reference Information
CVE: CVE-2019-19532, CVE-2020-0427, CVE-2020-14351, CVE-2020-25211, CVE-2020-25645, CVE-2020-25656, CVE-2020-25705, CVE-2020-28374, CVE-2020-29661, CVE-2020-7053, CVE-2021-20265