Bug 1934399

Summary: CVE-2021-20261 kernel-rt: kernel: panic on multiple access to floppy device [rhel-7]
Product: Red Hat Enterprise Linux 7 Reporter: Wade Mealing <wmealing>
Component: kernel-rtAssignee: Ming Lei <minlei>
kernel-rt sub component: Block Layer QA Contact: ChanghuiZhong <czhong>
Status: CLOSED CURRENTRELEASE Docs Contact:
Severity: medium    
Priority: medium CC: bhu, chwhite, czhong, jlelli, jmoyer, kcarcia, lgoncalv, williams
Version: 7.9Keywords: Security, SecurityTracking, Triaged
Target Milestone: rcFlags: pm-rhel: mirror+
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-04-25 13:13:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1934398    
Bug Blocks: 1932150    
Deadline: 2022-03-11   

Description Wade Mealing 2021-03-03 07:04:48 UTC 
rhel-7 tracking bug for kernel-rt: see the bugs linked in the "Blocks" field of this bug for full details of the security issue(s).

This bug is never intended to be made public, please put any public notes in the blocked bugs.

Impact: Moderate
Public Date: not set
PM Fix/Wontfix Decision By: 01-Jun-2021
Resolve Bug By: 365 calendar days from the public date

In case the dates above are already past, please evaluate this bug in your next prioritization review and make a decision then. Remember to explicitly set CLOSED:WONTFIX if you decide not to fix this bug.

Please see the Security Errata Policy for further details: https://docs.engineering.redhat.com/x/9RBqB

NOTE THIS ISSUE IS CURRENTLY EMBARGOED, DO NOT MAKE PUBLIC COMMITS OR COMMENTS ABOUT THIS ISSUE.

WARNING: NOTICE THAT REMOVING THE "SECURITY" GROUP FROM THIS TRACKER MAY BREAK THE EMBARGO.

Information with regards to this bug is considered Red Hat Confidential until the embargo has lifted. Please post the patch only to the 'rhkernel-team-list' mailing list for review and acks.

For the Enterprise Linux security issues handling process overview see: https://mojo.redhat.com/docs/DOC-1003504

Reproducers, if any, will remain confidential and never be made public, unless done so by the security team.

NOTICE: THIS BUG HAS THE DEFAULT QA CONTACT (storage-qe) OVERRIDDEN BECAUSE IT WAS A MAILING LIST OR NON @redhat.com E-MAIL! PLEASE CONTACT secalert IF THIS CONFUSES YOU.
Comment 3 Wade Mealing 2021-11-08 01:36:45 UTC 
This looks fixed in kernel-rt, closing  this up, feel free to re-open if i'm wrong.