Sicherheit: Mehrere Probleme in kernel-headers

Lesezeichen hinzufügen

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2021-2306e89112
2021-04-02 01:20:49.435014
-------------------------------------------------------------------------------
-

Name : kernel-headers
Product : Fedora 33
Version : 5.11.11
Release : 200.fc33
URL : http://www.kernel.org/
Summary : Header files for the Linux kernel for use by glibc
Description :
Kernel-headers includes the C header files that specify the interface
between the Linux kernel and userspace libraries and programs. The
header files define structures and constants that are needed for
building most standard programs and are also needed for rebuilding the
glibc package.

-------------------------------------------------------------------------------
-
Update Information:

The 5.11.11 stable kernel update contains a number of important fixes across
the
tree.
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Mar 30 2021 Justin M. Forbes <jforbes@fedoraproject.org> -
5.11.11-200
- Linux v5.11.11
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1945345 - CVE-2021-29646 kernel: improper input validation in
tipc_nl_retrieve_key function in net/tipc/node.c
https://bugzilla.redhat.com/show_bug.cgi?id=1945345
[ 2 ] Bug #1945361 - CVE-2021-29647 kernel: information disclosure due to
uninitialized data structure in qrtr_recvmsg function in net/qrtr/qrtr.c
https://bugzilla.redhat.com/show_bug.cgi?id=1945361
[ 3 ] Bug #1945373 - CVE-2021-29648 kernel: DoS due to BPF subsystem does not
properly consider that resolved_ids and resolved_sizes are intentionally uninitialized in the vmlinux BPF
https://bugzilla.redhat.com/show_bug.cgi?id=1945373
[ 4 ] Bug #1945379 - CVE-2021-29649 kernel: memory leak in user mode driver
due to lack of cleanup steps in kernel/usermode_driver.c and kernel/bpf/preload/bpf_preload_kern.c
https://bugzilla.redhat.com/show_bug.cgi?id=1945379
[ 5 ] Bug #1945388 - CVE-2021-29650 kernel: lack a full memory barrier upon
the assignment of a new table value in net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h may lead to DoS
https://bugzilla.redhat.com/show_bug.cgi?id=1945388
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-2306e89112' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure