ALT-PU-2021-1578-1
Package kernel-image-un-def updated to version 5.10.26-alt1 for branch p9 in task 268524.
Closed vulnerabilities
Published: 2021-03-14
BDU:2021-01827
Уязвимость реализации функции vhost_vdpa_config_put() ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2021-03-27
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2021-29266
An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v->config_ctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba0.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References:
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.9
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.9
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f6bbf0010ba004f5e90c7aefdebc0ee4bd3283b9
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f6bbf0010ba004f5e90c7aefdebc0ee4bd3283b9
- https://security.netapp.com/advisory/ntap-20210513-0005/
- https://security.netapp.com/advisory/ntap-20210513-0005/