ALT-BU-2021-4287-1
Branch sisyphus update bulletin.
Package btrfs-progs updated to version 5.14.2-alt2 for branch sisyphus in task 287513.
Closed bugs
ld: cannot find -lbtrfsutil (libbtrfs-devel)
Package kernel-image-un-def updated to version 5.14.13-alt1 for branch sisyphus in task 287531.
Closed vulnerabilities
BDU:2022-03143
Уязвимость функции prealloc_elems_and_freelist (kernel/bpf/stackmap.c) ядра операционной системы Linux, позволяющая нарушителю получить доступ к конфиденциальной информации или вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-41864
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.12
- https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a
- https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=30e29a9a2bc6a4888335a6ede968b75cd329657a
- https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a
- https://github.com/torvalds/linux/commit/30e29a9a2bc6a4888335a6ede968b75cd329657a
- [debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update
- [debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update
- [debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update
- [debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update
- FEDORA-2021-ffda3d6fa1
- FEDORA-2021-ffda3d6fa1
- FEDORA-2021-9dd76a1ed0
- FEDORA-2021-9dd76a1ed0
- FEDORA-2021-79cbbefebe
- FEDORA-2021-79cbbefebe
- https://security.netapp.com/advisory/ntap-20211029-0004/
- https://security.netapp.com/advisory/ntap-20211029-0004/
- DSA-5096
- DSA-5096
Package btrfs-progs updated to version 5.14.2-alt3 for branch sisyphus in task 287543.
Closed bugs
ld: cannot find -lbtrfsutil (libbtrfs-devel-5.14.2-alt2) ч.2
Package kernel-image-rt updated to version 5.10.73-alt1.rt54 for branch sisyphus in task 287508.
Closed vulnerabilities
BDU:2022-00681
Уязвимость функции loop_rw_iter (fs/io_uring.c ) ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Modified: 2024-11-21
CVE-2021-38300
arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.
- http://www.openwall.com/lists/oss-security/2021/09/15/5
- http://www.openwall.com/lists/oss-security/2021/09/15/5
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.10
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.10
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=37cb28ec7d3a36a5bace7063a3dba633ab110f8b
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=37cb28ec7d3a36a5bace7063a3dba633ab110f8b
- [debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update
- [debian-lts-announce] 20220309 [SECURITY] [DLA 2941-1] linux-4.19 security update
- https://security.netapp.com/advisory/ntap-20211008-0003/
- https://security.netapp.com/advisory/ntap-20211008-0003/
- DSA-5096
- DSA-5096
Modified: 2024-11-21
CVE-2021-4028
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.
- https://access.redhat.com/security/cve/CVE-2021-4028
- https://access.redhat.com/security/cve/CVE-2021-4028
- https://bugzilla.redhat.com/show_bug.cgi?id=2027201
- https://bugzilla.redhat.com/show_bug.cgi?id=2027201
- https://bugzilla.suse.com/show_bug.cgi?id=1193167#c0
- https://bugzilla.suse.com/show_bug.cgi?id=1193167#c0
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bc0bdc5afaa74
- https://lkml.org/lkml/2021/10/4/697
- https://lkml.org/lkml/2021/10/4/697
- https://security.netapp.com/advisory/ntap-20221228-0002/
- https://security.netapp.com/advisory/ntap-20221228-0002/
Modified: 2024-11-21
CVE-2021-41073
loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/
- http://www.openwall.com/lists/oss-security/2021/09/18/2
- http://www.openwall.com/lists/oss-security/2021/09/18/2
- [oss-security] 20210918 Linux Kernel: Exploitable vulnerability in io_uring
- [oss-security] 20210918 Linux Kernel: Exploitable vulnerability in io_uring
- [oss-security] 20220604 Re: Linux Kernel: Exploitable vulnerability in io_uring
- [oss-security] 20220604 Re: Linux Kernel: Exploitable vulnerability in io_uring
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=16c8d2df7ec0eed31b7d3b61cb13206a7fb930cc
- FEDORA-2021-e0d6215753
- FEDORA-2021-e0d6215753
- FEDORA-2021-884d245ef8
- FEDORA-2021-884d245ef8
- https://security.netapp.com/advisory/ntap-20211014-0003/
- https://security.netapp.com/advisory/ntap-20211014-0003/
- DSA-4978
- DSA-4978
Package python3-module-nbxmpp updated to version 2.0.4-alt1 for branch sisyphus in task 287546.
Closed bugs
Не запускается, требует python-nbxmpp >= 2.0.4