CentOS Local Security Checks : CentOS: Security Advisory for bpftool (CESA-2021:3801)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.883383

Categoría: CentOS Local Security Checks

Título: CentOS: Security Advisory for bpftool (CESA-2021:3801)

Resumen: The remote host is missing an update for the 'bpftool'; package(s) announced via the CESA-2021:3801 advisory.

Descripción: Summary:
The remote host is missing an update for the 'bpftool'
package(s) announced via the CESA-2021:3801 advisory.

Vulnerability Insight:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: Improper handling of VM_IOVM_PFNMAP vmas in KVM can bypass RO
checks (CVE-2021-22543)

* kernel: powerpc: KVM guest OS users can cause host OS memory corruption
(CVE-2021-37576)

* kernel: SVM nested virtualization issue in KVM (AVIC support)
(CVE-2021-3653)

* kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE)
(CVE-2021-3656)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Kernel panic due to double fault with DLM reporting for socket error
'sk_err=32/0' (BZ#1834878)

* 'MFW indication via attention' message getting logged frequently after
every 5 minutes (BZ#1854544)

* lpfc fails to discovery in pt2pt with '2754 PRLI failure DID:0000EF
Status:x9/x91e00, data: x0' (BZ#1922479)

* pcpu_get_vm_areas using most memory from VmallocUsed (BZ#1970618)

* RHEL 7.9.z [qedf driver] Racing condition between qedf_cleanup_fcport and
releasing command after timeout (BZ#1982702)

* [Azure] RHEL 7.9 reports GPU/IB topology incorrectly on some Azure SKUs
(BZ#1984128)

* [stable guest ABI]Hot add CPU after migration cause guest hang
(BZ#1991856)

* i40e driver crash at RIP: i40e_config_vf_promiscuous_mode+0x165
(BZ#1993850)

* [nfs] Performance issue since commit 5a4f6f11951e (BZ#1995649)

* [kernel] Indefinite waiting for RCU callback while removing cgroup
(BZ#2000973)

Affected Software/OS:
'bpftool' package(s) on CentOS 7.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2021-3653
http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
https://bugzilla.redhat.com/show_bug.cgi?id=1983686
https://www.openwall.com/lists/oss-security/2021/08/16/1
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-3656
https://bugzilla.redhat.com/show_bug.cgi?id=1983988
https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc
https://github.com/torvalds/linux/commit/c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc
Common Vulnerability Exposure (CVE) ID: CVE-2021-22543
FEDORA-2021-95f2f1cfc7
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/
FEDORA-2021-fe826f202e
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/
[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update
[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update
[oss-security] 20210626 Re: CVE-2021-22543 - /dev/kvm LPE
http://www.openwall.com/lists/oss-security/2021/06/26/1
https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584
https://security.netapp.com/advisory/ntap-20210708-0002/
Common Vulnerability Exposure (CVE) ID: CVE-2021-37576
Debian Security Information: DSA-4978 (Google Search)
https://www.debian.org/security/2021/dsa-4978
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WDFA7DSQIPM7XPNXJBXFWXHJFVUBCAG6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2YZ2DNURMYYVDT2NYAFDESJC35KCUDS/
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a
https://lore.kernel.org/linuxppc-dev/87im0x1lqi.fsf@mpe.ellerman.id.au/T/#u
http://www.openwall.com/lists/oss-security/2021/07/27/2

Copyright Copyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.883383
Categoría:	CentOS Local Security Checks
Título:	CentOS: Security Advisory for bpftool (CESA-2021:3801)
Resumen:	The remote host is missing an update for the 'bpftool'; package(s) announced via the CESA-2021:3801 advisory.
Descripción:	Summary: The remote host is missing an update for the 'bpftool' package(s) announced via the CESA-2021:3801 advisory. Vulnerability Insight: The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Improper handling of VM_IOVM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543) * kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576) * kernel: SVM nested virtualization issue in KVM (AVIC support) (CVE-2021-3653) * kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Kernel panic due to double fault with DLM reporting for socket error 'sk_err=32/0' (BZ#1834878) * 'MFW indication via attention' message getting logged frequently after every 5 minutes (BZ#1854544) * lpfc fails to discovery in pt2pt with '2754 PRLI failure DID:0000EF Status:x9/x91e00, data: x0' (BZ#1922479) * pcpu_get_vm_areas using most memory from VmallocUsed (BZ#1970618) * RHEL 7.9.z [qedf driver] Racing condition between qedf_cleanup_fcport and releasing command after timeout (BZ#1982702) * [Azure] RHEL 7.9 reports GPU/IB topology incorrectly on some Azure SKUs (BZ#1984128) * [stable guest ABI]Hot add CPU after migration cause guest hang (BZ#1991856) * i40e driver crash at RIP: i40e_config_vf_promiscuous_mode+0x165 (BZ#1993850) * [nfs] Performance issue since commit 5a4f6f11951e (BZ#1995649) * [kernel] Indefinite waiting for RCU callback while removing cgroup (BZ#2000973) Affected Software/OS: 'bpftool' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-3653 http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html https://bugzilla.redhat.com/show_bug.cgi?id=1983686 https://www.openwall.com/lists/oss-security/2021/08/16/1 https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html Common Vulnerability Exposure (CVE) ID: CVE-2021-3656 https://bugzilla.redhat.com/show_bug.cgi?id=1983988 https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc https://github.com/torvalds/linux/commit/c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc Common Vulnerability Exposure (CVE) ID: CVE-2021-22543 FEDORA-2021-95f2f1cfc7 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/ FEDORA-2021-fe826f202e https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/ [debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update [debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update [oss-security] 20210626 Re: CVE-2021-22543 - /dev/kvm LPE http://www.openwall.com/lists/oss-security/2021/06/26/1 https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584 https://security.netapp.com/advisory/ntap-20210708-0002/ Common Vulnerability Exposure (CVE) ID: CVE-2021-37576 Debian Security Information: DSA-4978 (Google Search) https://www.debian.org/security/2021/dsa-4978 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WDFA7DSQIPM7XPNXJBXFWXHJFVUBCAG6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2YZ2DNURMYYVDT2NYAFDESJC35KCUDS/ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a https://lore.kernel.org/linuxppc-dev/87im0x1lqi.fsf@mpe.ellerman.id.au/T/#u http://www.openwall.com/lists/oss-security/2021/07/27/2
Copyright	Copyright (C) 2021 Greenbone Networks GmbH