This announcement is no longer on the scientificlinux.org website, and I according to Red Hat's website it has not published patches for any of these CVEs on RHEL 7. Was the announcement a mistake and it has been withdrawn?
Dave On Tue, Aug 17, 2021 at 03:45:39PM -0000, Scott Reid wrote on scientific-linux-errata: > Synopsis: Important: kernel security update > Advisory ID: SLSA-2021:3173-1 > Issue Date: 2021-08-17 > CVE Numbers: CVE-2021-22543 > CVE-2021-32399 > CVE-2021-22555 > -- > > Security Fix(es): > > * kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO > checks (CVE-2021-22543) > > * kernel: out-of-bounds write in xt_compat_target_from_user() in > net/netfilter/x_tables.c (CVE-2021-22555) > > * kernel: race condition for removal of the HCI controller > (CVE-2021-32399) > > For more details about the security issue(s), including the impact, a CVSS > score, acknowledgments, and other related information, refer to the CVE > -- > > - Scientific Linux Development Team