{"id":"ALSA-2021:1578","summary":"Important: kernel security, bug fix, and enhancement update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)\n\n* kernel: memory leak in sof_set_get_large_ctrl_data() function in sound/soc/sof/ipc.c (CVE-2019-18811)\n\n* kernel: use-after-free caused by a malicious USB device in the drivers/usb/misc/adutux.c driver (CVE-2019-19523)\n\n* kernel: use-after-free bug caused by a malicious USB device in the drivers/usb/misc/iowarrior.c driver (CVE-2019-19528)\n\n* kernel: possible out of bounds write in kbd_keycode of keyboard.c (CVE-2020-0431)\n\n* kernel: DoS by corrupting mountpoint reference counter (CVE-2020-12114)\n\n* kernel: use-after-free in usb_sg_cancel function in drivers/usb/core/message.c (CVE-2020-12464)\n\n* kernel: buffer uses out of index in ext3/4 filesystem (CVE-2020-14314)\n\n* kernel: Use After Free vulnerability in cgroup BPF component (CVE-2020-14356)\n\n* kernel: NULL pointer dereference in serial8250_isa_init_ports function in drivers/tty/serial/8250/8250_core.c (CVE-2020-15437)\n\n* kernel: umask not applied on filesystem without ACL support (CVE-2020-24394)\n\n* kernel: TOCTOU mismatch in the NFS client code (CVE-2020-25212)\n\n* kernel: incomplete permission checking for access to rbd devices (CVE-2020-25284)\n\n* kernel: race condition between hugetlb sysctl handlers in mm/hugetlb.c (CVE-2020-25285)\n\n* kernel: improper input validation in ppp_cp_parse_cr function leads to memory corruption and read overflow (CVE-2020-25643)\n\n* kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)\n\n* kernel: use-after-free in kernel midi subsystem (CVE-2020-27786)\n\n* kernel: child process is able to access parent mm through hfi dev file handle (CVE-2020-27835)\n\n* kernel: slab-out-of-bounds read in fbcon (CVE-2020-28974)\n\n* kernel: fork: fix copy_process(CLONE_PARENT) race with the exiting -\u003ereal_parent (CVE-2020-35508)\n\n* kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations (CVE-2020-36322)\n\n* kernel: use after free in tun_get_user of tun.c could lead to local escalation of privilege (CVE-2021-0342)\n\n* kernel: NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs in drivers/media/usb/gspca/ov519.c (CVE-2020-11608)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-02-04T04:21:22.423402Z","published":"2021-05-18T05:33:57Z","related":["CVE-2019-18811","CVE-2019-19523","CVE-2019-19528","CVE-2020-0431","CVE-2020-11608","CVE-2020-12114","CVE-2020-12362","CVE-2020-12464","CVE-2020-14314","CVE-2020-14356","CVE-2020-15437","CVE-2020-24394","CVE-2020-25212","CVE-2020-25284","CVE-2020-25285","CVE-2020-25643","CVE-2020-25704","CVE-2020-27786","CVE-2020-27835","CVE-2020-28974","CVE-2020-35508","CVE-2020-36322","CVE-2021-0342"],"references":[{"type":"REPORT","url":"https://vulners.com/cve/CVE-2019-18811"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2019-19523"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2019-19528"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-0431"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-11608"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-12114"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-12362"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-12363"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-12364"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-12464"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-14314"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-14356"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-15437"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-24394"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-25212"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-25284"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-25285"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-25643"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-25704"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-27786"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-27835"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-28974"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-35508"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-36322"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2021-0342"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2021-0605"}],"affected":[{"package":{"name":"kernel-tools-libs-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-tools-libs-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-305.el8"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1578.json"}}],"schema_version":"1.7.3"}