{
"type": "redhat",
"cveID": "CVE-2020-26541",
"title": "RHSA-2021:2570: kernel security and bug fix update (Important)",
"summary": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: use-after-free in net/bluetooth/hci_event.c when destroying an hci_chan (CVE-2021-33034)\n\n* kernel: security bypass in certs/blacklist.c and certs/system_keyring.c (CVE-2020-26541)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [ESXi][RHEL-8] VMXNET3 v4 causes invalid checksums of inner packets of VXLAN tunnel (BZ#1960702)\n\n* fnic crash from invalid request pointer (BZ#1961705)\n\n* GFS2: Failed FS thaw call makes the entire snapshot failed. (BZ#1961849)\n\n* dm writecache: fix performance degradation in ssd mode (BZ#1962241)\n\n* Kernel BUG with act_ct and IP fragments (BZ#1963940)\n\n* core: backports from upstream (BZ#1963952)\n\n* Hibernate resume on RHEL fails in Amazon EC2 C5.18xlarge instance (BZ#1964930)\n\n* [SanityOnly] panic caused by i40e_msix_clean_rings (BZ#1964962)\n\n* tc reclassification limit is too low for OVN (BZ#1965148)\n\n* tc action ct nat src addr does not work while used with ct nat dst addr together (BZ#1965150)\n\n* CNB: Rebase/update TC subsystem for RHEL 8.5 (BZ#1965457)\n\n* sctp: crash due to use after free of sctp_transport structure (BZ#1965632)",
"cvss2Score": 0,
"cvss2Vector": "",
"cvss2Severity": "",
"cvss3Score": 6.5,
"cvss3Vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"cvss3Severity": "moderate",
"sourceLink": "",
"references": [
{
"link": "https://access.redhat.com/errata/RHSA-2021:2570",
"source": "RHSA",
"refID": "RHSA-2021:2570"
},
{
"link": "https://access.redhat.com/security/cve/CVE-2020-26541",
"source": "CVE",
"refID": "CVE-2020-26541"
},
{
"link": "https://access.redhat.com/security/cve/CVE-2021-33034",
"source": "CVE",
"refID": "CVE-2021-33034"
}
],
"cweIDs": [
"CWE-347-\u003eCWE-200"
],
"published": "2021-06-29T00:00:00Z",
"lastModified": "2021-06-29T00:00:00Z"
},
CWE-347->CWE-200: Improper Verification of Cryptographic Signature leads to Exposure of Sensitive
or
{
"type": "redhat",
"cveID": "CVE-2021-3543",
"title": "RHSA-2021:2168: kernel security and bug fix update (Important)",
"summary": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu-\u003erun (CVE-2021-3501)\n\n* kernel: nitro_enclaves stale file descriptors on failed usercopy (CVE-2021-3543)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* OVS mistakenly using local IP as tun_dst for VXLAN packets (?) (BZ#1944667)\n\n* Selinux: The task calling security_set_bools() deadlocks with itself when it later calls selinux_audit_rule_match(). (BZ#1945123)\n\n* [mlx5] tc flower mpls match options does not work (BZ#1952061)\n\n* mlx5: missing patches for ct.rel (BZ#1952062)\n\n* CT HWOL: with OVN/OVS, intermittently, load balancer hairpin TCP packets get dropped for seconds in a row (BZ#1952065)\n\n* [Lenovo 8.3 bug] Blackscreen after clicking on \"Settings\" icon from top-right corner. (BZ#1952900)\n\n* RHEL 8.x missing uio upstream fix. (BZ#1952952)\n\n* Turbostat doesn't show any measured data on AMD Milan (BZ#1952987)\n\n* P620 no sound from front headset jack (BZ#1954545)\n\n* RHEL kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps. (BZ#1955188)\n\n* [net/sched] connection failed with DNAT + SNAT by tc action ct (BZ#1956458)",
"cvss2Score": 0,
"cvss2Vector": "",
"cvss2Severity": "",
"cvss3Score": 6.7,
"cvss3Vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"cvss3Severity": "moderate",
"sourceLink": "",
"references": [
{
"link": "https://access.redhat.com/errata/RHSA-2021:2168",
"source": "RHSA",
"refID": "RHSA-2021:2168"
},
{
"link": "https://access.redhat.com/security/cve/CVE-2021-3501",
"source": "CVE",
"refID": "CVE-2021-3501"
},
{
"link": "https://access.redhat.com/security/cve/CVE-2021-3543",
"source": "CVE",
"refID": "CVE-2021-3543"
}
],
"cweIDs": [
"(CWE-416|CWE-476)"
],
"published": "2021-06-01T00:00:00Z",
"lastModified": "2021-06-01T00:00:00Z"
},
(CWE-416|CWE-476): Use After Free or NULL Pointer Dereference
causing an error and not being able to display the details panel.
For example,
CWE-347->CWE-200: Improper Verification of Cryptographic Signature leads to Exposure of Sensitive
or
(CWE-416|CWE-476): Use After Free or NULL Pointer Dereference
causing an error and not being able to display the details panel.