CVE-2021-33910 kernel fix

Hi !
Just converted my CentOS 8.4 server to Rocky Linux 8.4 and have the latest available kernel but can’t seem to see CVE-2021-33910 on kernel change log

[root@ictmattm2 ~]# cat /etc/rocky-release ; uname -a; rpm -q kernel-4.18.0-305.10.2.el8_4.x86_64 --changelog | grep CVE-2021
Rocky Linux release 8.4 (Green Obsidian)
Linux 4.18.0-305.10.2.el8_4.x86_64 #1 SMP Tue Jul 20 20:34:55 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

  • seq_file: Disallow extremely large seq buffer allocations (Ian Kent) [1975181 1975182] {CVE-2021-33909}
  • bluetooth: eliminate the potential race condition when removing the HCI controller (Gopal Tiwari) [1971464 1971488] {CVE-2021-32399}
  • Bluetooth: verify AMP hci_chan before amp_destroy (Gopal Tiwari) [1962544 1962546] {CVE-2021-33034}
  • scsi: iscsi: Verify lengths on passthrough PDUs (Chris Leech) [1930833] {CVE-2021-27365}
  • scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (Chris Leech) [1930856] {CVE-2021-27363}
  • scsi: iscsi: Restrict sessions and handles to admin capabilities (Chris Leech) [1930809] {CVE-2021-27364}
  • net/vmw_vsock: fix NULL pointer dereference (Jon Maloy) [1925600] {CVE-2021-26708}
  • net/vmw_vsock: improve locking in vsock_connect_timeout() (Jon Maloy) [1925600] {CVE-2021-26708}
  • vsock: fix locking in vsock_shutdown() (Jon Maloy) [1925600] {CVE-2021-26708}
  • vsock: fix the race conditions in multi-transport support (Jon Maloy) [1925600] {CVE-2021-26708}
  • [netdrv] tun: fix return value when the number of iovs exceeds MAX_SKB_FRAGS (Antoine Tenart) [1919364 1917563] {CVE-2021-0342}
  • [netdrv] tun: correct header offsets in napi frags mode (Antoine Tenart) [1919364 1917563] {CVE-2021-0342}

Am I querying incorrectly or is there a new kernel coming that will fix CVE-2021-33910?


Pls. ignore this…

Of course , CVE-2021-33910 was a systemd vulnerability.
Just checked this package and can verify that this is addressed as per changelog

[root@ictmattm2 ~]# rpm -qa | grep systemd
root@ictmattm2 ~]# rpm -q systemd-239-45.el8_4.2.x86_64 --changelog | grep CVE-2021

  • basic/unit-name: do not use strdupa() on a path (CVE-2021-33910, #1974699)

I know that you figured it out, but for others that might read this thread, you can do a google search for the CVE at CVE - CVE-2021-33910

You can always look up CVEs at