A flaw was found in the Transparent Inter-Process Communication (TIPC) functionality in the Linux kernel. This flaw can allow an attacker able to send MSG_CRYPTO messages to one of the interconnected nodes to exploit insufficient validation of user-supplied key sizes resulting in memory corruption and potentially privilege escalation. References: https://github.com/torvalds/linux/commit/fa40d9734a57bcbfa79a280189799f76c88f7bb0 https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.16 https://thehackernews.com/2021/11/critical-rce-vulnerability-reported-in.html
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2020493]
Per SRE, OSD is notaffected. "it isn't loaded by default and you'd need to run a priv'd container to get CAP_SYS_MODULE to be able to load it."
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4646 https://access.redhat.com/errata/RHSA-2021:4646
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2021:4648 https://access.redhat.com/errata/RHSA-2021:4648
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4645 https://access.redhat.com/errata/RHSA-2021:4645
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2021:4644 https://access.redhat.com/errata/RHSA-2021:4644
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2021:4650 https://access.redhat.com/errata/RHSA-2021:4650
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4647 https://access.redhat.com/errata/RHSA-2021:4647
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Via RHSA-2021:4750 https://access.redhat.com/errata/RHSA-2021:4750
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-43267