CLSA-2021:1639682357

[CLSA-2022:1643637294] Fix 12 CVEs

Type:

security

Severity:

moderate

Release date:

2022-01-31 13:54:54 UTC

Description:

   * CVE-2021-38198
    - ELSCVE-686: KVM: MMU: return page fault error code from permission_fault
    - ELSCVE-686: kvm: x86: MMU support for EPT accessed/dirty bits
    - ELSCVE-686: KVM: nVMX: fix EPT permissions as reported in exit qualification
    - ELSCVE-686: KVM: X86: MMU: Use the correct inherited permissions to get shadow page

  * CVE-2021-3655
    - ELSCVE-715: sctp: add size validation when walking chunks
    - ELSCVE-715: sctp: add param size validation for SCTP_PARAM_SET_PRIMARY
    - ELSCVE-715: sctp: validate chunk size in __rcv_asconf_lookup
    - ELSCVE-715: sctp: validate from_addr_param return
    - ELSCVE-715: sctp: fix return value check in __sctp_rcv_asconf_lookup

  * CVE-2021-3428
    - ELSCVE-1704: ext4: don't allow overlapping system zones
    - ELSCVE-1704: ext4: check journal inode extents more carefully

  * CVE-2021-38205
    - ELSCVE-389: net: xilinx_emaclite: Do not print real IOMEM pointer

  * CVE-2021-28688
    - ELSCVE-670: xen-blkback: don't leak persistent grants from xen_blkbk_map()

  * CVE-2021-34693
    - ELSCVE-668: can: bcm: fix infoleak in struct bcm_msg_head

  * CVE-2020-25673
    - ELSCVE-819: nfc: Avoid endless loops caused by repeated llcp_sock_connect()

  * CVE-2021-23134
    - ELSCVE-620: net/nfc: fix use-after-free llcp_sock_bind/connect

  * CVE-2021-3573
    - ELSCVE-846: Bluetooth: use correct lock to prevent UAF of hdev object

  * CVE-2021-38204
    - ELSCVE-457: usb: max-3421: Prevent corruption of freed memory

  * CVE-2021-42008
    - ELSCVE-1730: net: 6pack: fix slab-out-of-bounds in decode_data

  * CVE-2020-36385
    - ELSCVE-1181: RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy

Updated packages:

linux-buildinfo-4.4.0-213-generic_4.4.0-213.245_amd64.deb
sha:6612933e7527bb8dc2fd533c17ff9ef13b8feed5
linux-buildinfo-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb
sha:a0b4482f9821dbdd8f3376055e361344354db8b1
linux-cloud-tools-4.4.0-213_4.4.0-213.245_amd64.deb
sha:489cf07c04697b1edacaaa8bfe4919ae93cfcaab
linux-cloud-tools-4.4.0-213-generic_4.4.0-213.245_amd64.deb
sha:98eed10e30c80afc76aa3e38d89c964f490b3388
linux-cloud-tools-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb
sha:b58327057036c742ac74a01f6a31019b79a48282
linux-cloud-tools-common_4.4.0-213.245_all.deb
sha:ffb541e8e58faa260cc257ab28fdd2de654b5bcb
linux-doc_4.4.0-213.245_all.deb
sha:04c9ccb254c35c4946b3c3712c59793ff3f89eb6
linux-headers-4.4.0-213_4.4.0-213.245_all.deb
sha:5f1bb9bfaf1da2f19c553741b33e0d868a49fcc8
linux-headers-4.4.0-213-generic_4.4.0-213.245_amd64.deb
sha:0c31717bb870c88712309882876341cd5e7681f1
linux-headers-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb
sha:a337326a03ed5c64f523800e5f4cf4a8a948613e
linux-image-unsigned-4.4.0-213-generic_4.4.0-213.245_amd64.deb
sha:14571e5897078d08043f536bc096a791fb8f6e5a
linux-image-unsigned-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb
sha:a2a0f181ddbefb4bde6a9ef44e099eee6dc5ab3f
linux-libc-dev_4.4.0-213.245_amd64.deb
sha:667df021d65c4c1f844628a6112ca74a8d4bc6fa
linux-modules-4.4.0-213-generic_4.4.0-213.245_amd64.deb
sha:c99415c5907ead5610f53cacc4e56ff9122b9f29
linux-modules-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb
sha:ae93f42be6eab6ec7c6ae811db40604a9d1a5d0b
linux-modules-extra-4.4.0-213-generic_4.4.0-213.245_amd64.deb
sha:29be9cd617b72e1ef06ae38f630d68989de8d4a6
linux-source-4.4.0_4.4.0-213.245_all.deb
sha:82e984c87ec9c51686379087d2bb29a3cf692e8f
linux-tools-4.4.0-213_4.4.0-213.245_amd64.deb
sha:041370c721666c4f13f1a7c6f060710e5199b7f9
linux-tools-4.4.0-213-generic_4.4.0-213.245_amd64.deb
sha:1501d3007a037c62a3a939770a17d3e30f6e5f95
linux-tools-4.4.0-213-lowlatency_4.4.0-213.245_amd64.deb
sha:52f224600682f06106b6b587c87c579181f4b0dd
linux-tools-common_4.4.0-213.245_all.deb
sha:9aa390a51838fcc440c54aa3597cf254ab8ec9c5
linux-tools-host_4.4.0-213.245_all.deb
sha:a338ad7aba274346d3cfe9bcbaeadf5428911d50

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.