Another possible race with Unix domain socket garbage collection that can lead to reading memory after free. An older, more or less similar issue is CVE-2021-0920, with the fix commit cbcf01128d0a ("af_unix: fix garbage collect vs MSG_PEEK"). This race happens if the file handler is in the process of being closed: the close() could happen before fget(), and then the garbage collector can get confused by seeing this situation of having seen a file not having any remaining external references and then seeing it being attached to an fd. Reference and upstream patch: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=054aa8d439b9
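The interleaving described above, as an added deterministic userspace model; it is not kernel code and not part of the original report. All names (`model_fget`, `racing_close`, `gc_no_external_refs`, `run_race`) are hypothetical, and the re-check of the fd slot after taking the reference is this model's assumption about how a lookup can close the window.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified userspace model; all names are hypothetical, not kernel APIs. */
struct file { long refs; long inflight; };  /* total refs / refs held by queued SCM_RIGHTS */

static struct file the_file;       /* static storage: nothing is really freed here */
static struct file *fd_slot;       /* one-entry "fd table" */
static int gc_candidate;           /* GC verdict recorded inside the race window */

/* GC candidate test: every reference is in flight, so none is external. */
static int gc_no_external_refs(const struct file *f) { return f->refs == f->inflight; }

/* Concurrent close(): detach the file from the fd and drop the fd's reference. */
static void racing_close(void) {
    struct file *f = fd_slot;
    fd_slot = NULL;
    if (f) f->refs--;
    gc_candidate = gc_no_external_refs(&the_file);
}

/* Lockless lookup; race_hook runs between loading the pointer and taking the ref. */
static struct file *model_fget(int recheck, void (*race_hook)(void)) {
    struct file *f = fd_slot;
    if (!f) return NULL;
    if (race_hook) race_hook();
    if (f->refs == 0) return NULL;          /* take a ref only if still alive */
    f->refs++;
    if (recheck && fd_slot != f) {          /* fd no longer refers to this file */
        f->refs--;                          /* undo and report "no such fd" */
        return NULL;
    }
    return f;
}

/* Returns 1 if the lookup handed out a file the GC had already judged unreachable. */
static int run_race(int recheck) {
    the_file.refs = 2;                      /* one from the fd, one in flight */
    the_file.inflight = 1;
    fd_slot = &the_file;
    gc_candidate = 0;
    return model_fget(recheck, racing_close) != NULL && gc_candidate;
}

int main(void) {
    printf("without re-check: %d\n", run_race(0));
    printf("with re-check:    %d\n", run_race(1));
    return 0;
}
```

Without the re-check the lookup returns a file whose only remaining reference was in flight at the moment the collector looked, which is the inconsistent view the report describes; with the re-check the lookup backs out and the reference count returns to its in-flight value.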
Created oVirt tracking bug for this issue: Affects: oVirt Node 4.4 [ #2056596 ]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:0821 https://access.redhat.com/errata/RHSA-2022:0821
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:0823 https://access.redhat.com/errata/RHSA-2022:0823
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:0820 https://access.redhat.com/errata/RHSA-2022:0820
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:0851 https://access.redhat.com/errata/RHSA-2022:0851
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2022:0925 https://access.redhat.com/errata/RHSA-2022:0925
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions Via RHSA-2022:0958 https://access.redhat.com/errata/RHSA-2022:0958
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Advanced Update Support Via RHSA-2022:1104 https://access.redhat.com/errata/RHSA-2022:1104
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions Via RHSA-2022:1103 https://access.redhat.com/errata/RHSA-2022:1103
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Advanced Update Support Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions Red Hat Enterprise Linux 7.6 Telco Extended Update Support Via RHSA-2022:1107 https://access.redhat.com/errata/RHSA-2022:1107
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:1185 https://access.redhat.com/errata/RHSA-2022:1185
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:1198 https://access.redhat.com/errata/RHSA-2022:1198
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2022:1199 https://access.redhat.com/errata/RHSA-2022:1199
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 Via RHSA-2022:1263 https://access.redhat.com/errata/RHSA-2022:1263
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Advanced Update Support Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions Red Hat Enterprise Linux 7.7 Telco Extended Update Support Via RHSA-2022:1324 https://access.redhat.com/errata/RHSA-2022:1324
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions Via RHSA-2022:1373 https://access.redhat.com/errata/RHSA-2022:1373
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:1413 https://access.redhat.com/errata/RHSA-2022:1413
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:1418 https://access.redhat.com/errata/RHSA-2022:1418
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.4 Extended Update Support Via RHSA-2022:1455 https://access.redhat.com/errata/RHSA-2022:1455
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1975 https://access.redhat.com/errata/RHSA-2022:1975
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1988 https://access.redhat.com/errata/RHSA-2022:1988
This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Advanced Update Support Via RHSA-2022:2189 https://access.redhat.com/errata/RHSA-2022:2189
This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Via RHSA-2022:4896 https://access.redhat.com/errata/RHSA-2022:4896
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-4083