{"id":"ALSA-2021:4647","summary":"Important: kernel security update","details":"The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* kernel: Insufficient validation of user-supplied sizes for the MSG_CRYPTO message type (CVE-2021-43267)\n\n* kernel: timer tree corruption leads to missing wakeup and system freeze (CVE-2021-20317)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.","modified":"2026-02-04T04:33:41.047153Z","published":"2021-11-15T09:57:15Z","related":["CVE-2021-20317","CVE-2021-43267"],"references":[{"type":"REPORT","url":"https://vulners.com/cve/CVE-2021-20317"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2021-43267"}],"affected":[{"package":{"name":"kernel-tools-libs-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/kernel-tools-libs-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.18.0-348.2.1.el8_5"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:4647.json"}}],"schema_version":"1.7.3"}