The third vulnerability patched in this new CentOS Linux 7 and RHEL 7 kernel update is CVE-2021-27363, a flaw having a “moderate” security impact and discovered in Linux kernel’s iSCSI driver. Two of these vulnerabilities are marked by the Red Hat Product Security team as “important.” These include CVE-2021-27365, a heap buffer overflow discovered in Linux kernel’s iSCSI subsystem that could allow a local, unprivileged user to cause a denial of service (system crash) or possibly execute arbitrary code, and CVE-2021-27364, an out-of-bounds read flaw discovered in the libiscsi module that could lead to reading kernel memory or a crash. The new Linux kernel security update comes just three weeks after the previous one, which patched 11 flaws, to address three vulnerabilities affecting the Linux 3.10 kernel used in all supported Red Hat Enterprise Linux 7 and CentOS Linux 7 operating system series. A new important Linux kernel security update has been released for Red Hat Enterprise Linux (RHEL) 7 and CentOS Linux 7 systems to address three security vulnerabilities and various other bugs.
0 kommentar(er)
