CentOS Linux 7 and Red Hat Enterprise Linux (RHEL) 7 users received an important Linux kernel security update that addresses 11 vulnerabilities and numerous more than a dozen bugs.
The new kernel security and bug fix update has been rated by Red Hat Product Security as having a security impact of ‘Important’ and affects the kernel packages in all supported Red Hat Enterprise Linux 7 operating system editions, as well as the CentOS Linux 7 operating system series.
The update addresses 11 security vulnerabilities, including CVE-2020-25705, a flaw discovered in the ICMP global rate limiter that could allow an off-path remote attacker to bypass source port UDP randomization and facilitate attacks on UDP based services that depend on source port randomization.
CVE-2020-25211, a buffer overflow that could allow a local attacker to crash the system by causing a denial of service, CVE-2020-28374, a flaw found in the LIO SCSI target implementation that could allow an authenticated attacker to send LIO block requests to the Linux system to overwrite data on the backing store, and CVE-2021-20265, a flaw found in the way memory resources were freed in the unix_stream_recvmsg function that could allow an unprivileged local user to crash the system by exhausting available memory were patched as well.
Also patched are CVE-2020-29661, a locking vulnerability found in the TTY subsystem, which could allow a local attacker to either corrupt memory or escalate privileges, CVE-2019-19532, an out-of-bounds write flaw found in the HID drivers that could allow a physically proximate attacker to crash the system by plugging in a malicious USB device, as well as CVE-2020-0427, a flaw found in the pinctrl system that could lead to local information disclosure with no additional execution privileges needed.
The list of patched flaws continues with CVE-2020-7053, a use-after-free flaw found in the i915 GPU driver that could allow a local attacker to either crash the system or potentially escalate his/her privileges, and CVE-2020-14351, a use-after-free memory flaw found in the perf subsystem allowing a local attacker that has permission to monitor perf events to corrupt memory or possibly escalate privileges.
Another flaw, CVE-2020-25645, was discovered in the Geneve tunnel implementation, which could allow anyone in between two Geneve endpoints to read the Geneve/IPsec traffic unencrypted. Moreover, the update fixes CVE-2020-25656, a use-after-free vulnerability found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT that could allow a local user to get read memory access out of bounds and expose sensitive information.
Last but not least, the kernel security update for CentOS Linux 7 and RHEL 7 systems fixes 16 bugs that could affect the stability, security, and reliability of the operating systems. More details on these bug fixes are available in the Red Hat 2021:0856 security advisory.
All users are urged to update their installations to the new kernel version (kernel-3.10.0-1160.21.1.el7) that’s available right now for Red Hat Enterprise Linux Server 7, Red Hat Enterprise Linux Workstation 7, Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux for Scientific Computing 7, Red Hat Virtualization Host 4 for RHEL 7, Red Hat Enterprise Linux for IBM z Systems 7, Red Hat Enterprise Linux for Power, big endian 7, Red Hat Enterprise Linux for Power, little endian 7, and CentOS Linux 7 systems.
Last updated 3 weeks ago