{"schema_version":"1.7.2","id":"OESA-2021-1318","modified":"2021-08-20T11:03:09Z","published":"2021-08-20T11:03:09Z","upstream":["CVE-2021-3679","CVE-2021-38204","CVE-2021-38205","CVE-2021-38209","CVE-2021-38199","CVE-2021-38207","CVE-2021-38208"],"summary":"kernel security update","details":"The Linux Kernel, the operating system core itself.\r\n\r\nSecurity Fix(es):\r\n\r\nA lack of CPU resources in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way a user uses the trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources, causing denial of service.(CVE-2021-3679)\r\n\r\ndrivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.(CVE-2021-38204)\r\n\r\ndrivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).(CVE-2021-38205)\r\n\r\nnet/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. 
This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.(CVE-2021-38209)\r\n\r\nfs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.(CVE-2021-38199)\r\n\r\ndrivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.(CVE-2021-38207)\r\n\r\nnet/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.(CVE-2021-38208)","affected":[{"package":{"ecosystem":"openEuler:20.03-LTS-SP1","name":"kernel","purl":"pkg:rpm/openEuler/kernel\u0026distro=openEuler-20.03-LTS-SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.19.90-2108.5.0.0103.oe1"}]}],"ecosystem_specific":{"aarch64":["kernel-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","kernel-debugsource-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","perf-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","python3-perf-debuginfo-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","kernel-source-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","kernel-tools-debuginfo-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","python2-perf-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","python3-perf-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","bpftool-debuginfo-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","kernel-tools-devel-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","kernel-tools-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","python2-perf-debuginfo-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","kernel-debuginfo-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","kernel-devel-4.19.90-2108.5.0.0103.oe1.aarch64.rpm","perf-debuginfo-4.19.90-2108.5.0.0103.oe
1.aarch64.rpm","bpftool-4.19.90-2108.5.0.0103.oe1.aarch64.rpm"],"src":["kernel-4.19.90-2108.5.0.0103.oe1.src.rpm"],"x86_64":["kernel-source-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","python3-perf-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","kernel-tools-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","kernel-debuginfo-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","perf-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","perf-debuginfo-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","python2-perf-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","bpftool-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","kernel-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","kernel-debugsource-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","kernel-tools-devel-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","bpftool-debuginfo-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","python2-perf-debuginfo-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","python3-perf-debuginfo-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","kernel-devel-4.19.90-2108.5.0.0103.oe1.x86_64.rpm","kernel-tools-debuginfo-4.19.90-2108.5.0.0103.oe1.x86_64.rpm"]}},{"package":{"ecosystem":"openEuler:20.03-LTS-SP2","name":"kernel","purl":"pkg:rpm/openEuler/kernel\u0026distro=openEuler-20.03-LTS-SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.19.90-2108.5.0.0104.oe1"}]}],"ecosystem_specific":{"aarch64":["kernel-source-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","kernel-debugsource-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","python2-perf-debuginfo-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","kernel-tools-devel-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","perf-debuginfo-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","kernel-debuginfo-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","bpftool-debuginfo-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","perf-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","kernel-devel-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","python2-perf-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","python3-perf-debuginfo-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","kernel-tools-debuginfo-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","kernel-tools-4.19.90-2108.5.0.0104.oe1.aarch64.rpm",
"kernel-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","python3-perf-4.19.90-2108.5.0.0104.oe1.aarch64.rpm","bpftool-4.19.90-2108.5.0.0104.oe1.aarch64.rpm"],"src":["kernel-4.19.90-2108.5.0.0104.oe1.src.rpm"],"x86_64":["python3-perf-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","kernel-debuginfo-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","perf-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","python2-perf-debuginfo-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","kernel-devel-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","kernel-tools-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","kernel-tools-devel-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","python3-perf-debuginfo-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","kernel-tools-debuginfo-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","kernel-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","python2-perf-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","kernel-source-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","kernel-debugsource-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","bpftool-debuginfo-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","perf-debuginfo-4.19.90-2108.5.0.0104.oe1.x86_64.rpm","bpftool-4.19.90-2108.5.0.0104.oe1.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1318"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3679"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38204"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38205"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38209"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38199"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38207"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-38208"}],"database_specific":{"severity":"High"}}