FortiClient Vulnerability

RedHat kernel CVE-2020-36385 Use After Free Vulnerability

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after-free (CVE-2020-36385) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): scsi: ibmvfc: Avoid link down on FS9100 canister reboot (BZ#1882627) crash in qla2x00_status_entry() because of corrupt srb (BZ#1899599) qedf driver: race condition between qedf's completion work task and another work item tearing down an fcport with qedf_cleanup_fcport (BZ#1941766) The kernel crashes in hv_pci_remove_slots() upon hv device removal. A possible race between hv_pci_remove_slots() and pci_devices_present_work(). (BZ#1948961) I/O delays incorrectly handled in the NVMe stack (BZ#1981610) Data corruption in NFS client reusing slotid/seqid due to an interrupted slot (BZ#2007465) scsi: ibmvfc: Avoid link down on FS9100 canister reboot (BZ#1882627) crash in qla2x00_status_entry() because of corrupt srb (BZ#1899599) qedf driver: race condition between qedf's completion work task and another work item tearing down an fcport with qedf_cleanup_fcport (BZ#1941766) The kernel crashes in hv_pci_remove_slots() upon hv device removal. A possible race between hv_pci_remove_slots() and pci_devices_present_work(). (BZ#1948961) I/O delays incorrectly handled in the NVMe stack (BZ#1981610) Data corruption in NFS client reusing slotid/seqid due to an interrupted slot (BZ#2007465) SolutionFor details on how to apply this update, which includes the changes described in this advisory, refer to:https://access.redhat.com/articles/11258 The system must be rebooted for this update to take effect.