Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-1476

A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.

CVE
#vulnerability#linux#red_hat#rpm#sap

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)
  • ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)
  • kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386)
  • kpatch: mm/mremap.c: incomplete fix for CVE-2022-41222 (CVE-2023-1476)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2152548 - CVE-2022-4378 kernel: stack overflow in do_proc_dointvec and proc_skip_spaces
  • BZ - 2159505 - CVE-2023-0386 kernel: FUSE filesystem low-privileged user privileges escalation
  • BZ - 2163379 - CVE-2023-0266 ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
  • BZ - 2176035 - CVE-2023-1476 kpatch: mm/mremap.c: incomplete fix for CVE-2022-41222

CVEs

  • CVE-2022-4378
  • CVE-2023-0266
  • CVE-2023-0386
  • CVE-2023-1476

Red Hat Enterprise Linux for x86_64 8

SRPM

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.src.rpm

SHA-256: e872fdb82188cc699f36f2cbe61ea52dc61f425ad83b68afdcdd6a80212e7d9c

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.src.rpm

SHA-256: 0f52bcea31d2be61f55ce3643195653d28bb8ff35b8f92c646cc94d59be99b1f

kpatch-patch-4_18_0-425_3_1-1-6.el8.src.rpm

SHA-256: 03af08bdd51471b378f7edcfbf253ed18b365038e0db4afb0548b13aba6bbe3e

x86_64

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.x86_64.rpm

SHA-256: 6d433b6b85596a5c6aa58fcb5ff45415dd00abf61c50cf6cef95ba5a1a739eca

kpatch-patch-4_18_0-425_10_1-debuginfo-1-4.el8_7.x86_64.rpm

SHA-256: c4187a4fb8d70c102d135717b19ba71fc3755d799a712d4c26d9ea5e9a908ade

kpatch-patch-4_18_0-425_10_1-debugsource-1-4.el8_7.x86_64.rpm

SHA-256: 64e783f1c838e12cf76b6b42b4f8b13fac21b196d19505ea6d108e623914c91b

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.x86_64.rpm

SHA-256: ed03e9eaa790c07229fee250d22160a9e74fdc4485f7a57658c1dea2a6108b3e

kpatch-patch-4_18_0-425_13_1-debuginfo-1-2.el8_7.x86_64.rpm

SHA-256: af51bdc1fa6595123ab68217f1d346ad0292bd52c4aa4ee472f2009588acd271

kpatch-patch-4_18_0-425_13_1-debugsource-1-2.el8_7.x86_64.rpm

SHA-256: f497c202ab015e098852ce09bb94bad1912b0b258e147fe210d73fab269188e2

kpatch-patch-4_18_0-425_3_1-1-6.el8.x86_64.rpm

SHA-256: 2ccc2dd53b01ad7a9b60208c04912be93950134ae1f7e791b5becfa869f0d5f9

kpatch-patch-4_18_0-425_3_1-debuginfo-1-6.el8.x86_64.rpm

SHA-256: e79d55e1e249de0c8d4c1ac081d630a72d6bf1fbd4af981c4f6e8c72993e0591

kpatch-patch-4_18_0-425_3_1-debugsource-1-6.el8.x86_64.rpm

SHA-256: 9ee13f349e3a81279c8c2cacfa71c1b82537f9c4fd1ae0a86d6d2ad1a6ee33f4

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.src.rpm

SHA-256: e872fdb82188cc699f36f2cbe61ea52dc61f425ad83b68afdcdd6a80212e7d9c

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.src.rpm

SHA-256: 0f52bcea31d2be61f55ce3643195653d28bb8ff35b8f92c646cc94d59be99b1f

kpatch-patch-4_18_0-425_3_1-1-6.el8.src.rpm

SHA-256: 03af08bdd51471b378f7edcfbf253ed18b365038e0db4afb0548b13aba6bbe3e

x86_64

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.x86_64.rpm

SHA-256: 6d433b6b85596a5c6aa58fcb5ff45415dd00abf61c50cf6cef95ba5a1a739eca

kpatch-patch-4_18_0-425_10_1-debuginfo-1-4.el8_7.x86_64.rpm

SHA-256: c4187a4fb8d70c102d135717b19ba71fc3755d799a712d4c26d9ea5e9a908ade

kpatch-patch-4_18_0-425_10_1-debugsource-1-4.el8_7.x86_64.rpm

SHA-256: 64e783f1c838e12cf76b6b42b4f8b13fac21b196d19505ea6d108e623914c91b

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.x86_64.rpm

SHA-256: ed03e9eaa790c07229fee250d22160a9e74fdc4485f7a57658c1dea2a6108b3e

kpatch-patch-4_18_0-425_13_1-debuginfo-1-2.el8_7.x86_64.rpm

SHA-256: af51bdc1fa6595123ab68217f1d346ad0292bd52c4aa4ee472f2009588acd271

kpatch-patch-4_18_0-425_13_1-debugsource-1-2.el8_7.x86_64.rpm

SHA-256: f497c202ab015e098852ce09bb94bad1912b0b258e147fe210d73fab269188e2

kpatch-patch-4_18_0-425_3_1-1-6.el8.x86_64.rpm

SHA-256: 2ccc2dd53b01ad7a9b60208c04912be93950134ae1f7e791b5becfa869f0d5f9

kpatch-patch-4_18_0-425_3_1-debuginfo-1-6.el8.x86_64.rpm

SHA-256: e79d55e1e249de0c8d4c1ac081d630a72d6bf1fbd4af981c4f6e8c72993e0591

kpatch-patch-4_18_0-425_3_1-debugsource-1-6.el8.x86_64.rpm

SHA-256: 9ee13f349e3a81279c8c2cacfa71c1b82537f9c4fd1ae0a86d6d2ad1a6ee33f4

Red Hat Enterprise Linux for Power, little endian 8

SRPM

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.src.rpm

SHA-256: e872fdb82188cc699f36f2cbe61ea52dc61f425ad83b68afdcdd6a80212e7d9c

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.src.rpm

SHA-256: 0f52bcea31d2be61f55ce3643195653d28bb8ff35b8f92c646cc94d59be99b1f

kpatch-patch-4_18_0-425_3_1-1-6.el8.src.rpm

SHA-256: 03af08bdd51471b378f7edcfbf253ed18b365038e0db4afb0548b13aba6bbe3e

ppc64le

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.ppc64le.rpm

SHA-256: 48313af6a14d0cae5a41d2ea4769af355b908e0393c73b46101dc35255b698e0

kpatch-patch-4_18_0-425_10_1-debuginfo-1-4.el8_7.ppc64le.rpm

SHA-256: 9208da93648c7634deae31dcb5e9cbe5f22eaa469fb6dfe846750b44b406ec40

kpatch-patch-4_18_0-425_10_1-debugsource-1-4.el8_7.ppc64le.rpm

SHA-256: 1b703653ec7952f1d0d87aa482e4c98be981403a77374bf19cc0277e0b3e92f1

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.ppc64le.rpm

SHA-256: 67243a7de9b0c93fcc89df893b8143814db46b8b9862723a23bb9e33b8598f4f

kpatch-patch-4_18_0-425_13_1-debuginfo-1-2.el8_7.ppc64le.rpm

SHA-256: 4aa7c3d8def9371f6a31b415bda07be1754e3fe78e50d6ce966f580a038562c9

kpatch-patch-4_18_0-425_13_1-debugsource-1-2.el8_7.ppc64le.rpm

SHA-256: 1191fdcf1ee9395805dbae787422a877cfae4a353f925cb92b4b30ca3d92afee

kpatch-patch-4_18_0-425_3_1-1-6.el8.ppc64le.rpm

SHA-256: 151792425cf2b6f2eb0d2ca81326975c90b6b4890248a861de943e9238dde708

kpatch-patch-4_18_0-425_3_1-debuginfo-1-6.el8.ppc64le.rpm

SHA-256: 5474849ef939672cf484a5e00d1c746876ffb3cd4381764afbb281b194cd87f9

kpatch-patch-4_18_0-425_3_1-debugsource-1-6.el8.ppc64le.rpm

SHA-256: dd2116cf07c3928dd277f6e6d6e586347e5b6c7932303d9828636fbc806f951d

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.src.rpm

SHA-256: e872fdb82188cc699f36f2cbe61ea52dc61f425ad83b68afdcdd6a80212e7d9c

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.src.rpm

SHA-256: 0f52bcea31d2be61f55ce3643195653d28bb8ff35b8f92c646cc94d59be99b1f

kpatch-patch-4_18_0-425_3_1-1-6.el8.src.rpm

SHA-256: 03af08bdd51471b378f7edcfbf253ed18b365038e0db4afb0548b13aba6bbe3e

ppc64le

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.ppc64le.rpm

SHA-256: 48313af6a14d0cae5a41d2ea4769af355b908e0393c73b46101dc35255b698e0

kpatch-patch-4_18_0-425_10_1-debuginfo-1-4.el8_7.ppc64le.rpm

SHA-256: 9208da93648c7634deae31dcb5e9cbe5f22eaa469fb6dfe846750b44b406ec40

kpatch-patch-4_18_0-425_10_1-debugsource-1-4.el8_7.ppc64le.rpm

SHA-256: 1b703653ec7952f1d0d87aa482e4c98be981403a77374bf19cc0277e0b3e92f1

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.ppc64le.rpm

SHA-256: 67243a7de9b0c93fcc89df893b8143814db46b8b9862723a23bb9e33b8598f4f

kpatch-patch-4_18_0-425_13_1-debuginfo-1-2.el8_7.ppc64le.rpm

SHA-256: 4aa7c3d8def9371f6a31b415bda07be1754e3fe78e50d6ce966f580a038562c9

kpatch-patch-4_18_0-425_13_1-debugsource-1-2.el8_7.ppc64le.rpm

SHA-256: 1191fdcf1ee9395805dbae787422a877cfae4a353f925cb92b4b30ca3d92afee

kpatch-patch-4_18_0-425_3_1-1-6.el8.ppc64le.rpm

SHA-256: 151792425cf2b6f2eb0d2ca81326975c90b6b4890248a861de943e9238dde708

kpatch-patch-4_18_0-425_3_1-debuginfo-1-6.el8.ppc64le.rpm

SHA-256: 5474849ef939672cf484a5e00d1c746876ffb3cd4381764afbb281b194cd87f9

kpatch-patch-4_18_0-425_3_1-debugsource-1-6.el8.ppc64le.rpm

SHA-256: dd2116cf07c3928dd277f6e6d6e586347e5b6c7932303d9828636fbc806f951d

Red Hat Enterprise Linux Server - TUS 8.8

SRPM

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.src.rpm

SHA-256: e872fdb82188cc699f36f2cbe61ea52dc61f425ad83b68afdcdd6a80212e7d9c

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.src.rpm

SHA-256: 0f52bcea31d2be61f55ce3643195653d28bb8ff35b8f92c646cc94d59be99b1f

kpatch-patch-4_18_0-425_3_1-1-6.el8.src.rpm

SHA-256: 03af08bdd51471b378f7edcfbf253ed18b365038e0db4afb0548b13aba6bbe3e

x86_64

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.x86_64.rpm

SHA-256: 6d433b6b85596a5c6aa58fcb5ff45415dd00abf61c50cf6cef95ba5a1a739eca

kpatch-patch-4_18_0-425_10_1-debuginfo-1-4.el8_7.x86_64.rpm

SHA-256: c4187a4fb8d70c102d135717b19ba71fc3755d799a712d4c26d9ea5e9a908ade

kpatch-patch-4_18_0-425_10_1-debugsource-1-4.el8_7.x86_64.rpm

SHA-256: 64e783f1c838e12cf76b6b42b4f8b13fac21b196d19505ea6d108e623914c91b

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.x86_64.rpm

SHA-256: ed03e9eaa790c07229fee250d22160a9e74fdc4485f7a57658c1dea2a6108b3e

kpatch-patch-4_18_0-425_13_1-debuginfo-1-2.el8_7.x86_64.rpm

SHA-256: af51bdc1fa6595123ab68217f1d346ad0292bd52c4aa4ee472f2009588acd271

kpatch-patch-4_18_0-425_13_1-debugsource-1-2.el8_7.x86_64.rpm

SHA-256: f497c202ab015e098852ce09bb94bad1912b0b258e147fe210d73fab269188e2

kpatch-patch-4_18_0-425_3_1-1-6.el8.x86_64.rpm

SHA-256: 2ccc2dd53b01ad7a9b60208c04912be93950134ae1f7e791b5becfa869f0d5f9

kpatch-patch-4_18_0-425_3_1-debuginfo-1-6.el8.x86_64.rpm

SHA-256: e79d55e1e249de0c8d4c1ac081d630a72d6bf1fbd4af981c4f6e8c72993e0591

kpatch-patch-4_18_0-425_3_1-debugsource-1-6.el8.x86_64.rpm

SHA-256: 9ee13f349e3a81279c8c2cacfa71c1b82537f9c4fd1ae0a86d6d2ad1a6ee33f4

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.src.rpm

SHA-256: e872fdb82188cc699f36f2cbe61ea52dc61f425ad83b68afdcdd6a80212e7d9c

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.src.rpm

SHA-256: 0f52bcea31d2be61f55ce3643195653d28bb8ff35b8f92c646cc94d59be99b1f

kpatch-patch-4_18_0-425_3_1-1-6.el8.src.rpm

SHA-256: 03af08bdd51471b378f7edcfbf253ed18b365038e0db4afb0548b13aba6bbe3e

ppc64le

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.ppc64le.rpm

SHA-256: 48313af6a14d0cae5a41d2ea4769af355b908e0393c73b46101dc35255b698e0

kpatch-patch-4_18_0-425_10_1-debuginfo-1-4.el8_7.ppc64le.rpm

SHA-256: 9208da93648c7634deae31dcb5e9cbe5f22eaa469fb6dfe846750b44b406ec40

kpatch-patch-4_18_0-425_10_1-debugsource-1-4.el8_7.ppc64le.rpm

SHA-256: 1b703653ec7952f1d0d87aa482e4c98be981403a77374bf19cc0277e0b3e92f1

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.ppc64le.rpm

SHA-256: 67243a7de9b0c93fcc89df893b8143814db46b8b9862723a23bb9e33b8598f4f

kpatch-patch-4_18_0-425_13_1-debuginfo-1-2.el8_7.ppc64le.rpm

SHA-256: 4aa7c3d8def9371f6a31b415bda07be1754e3fe78e50d6ce966f580a038562c9

kpatch-patch-4_18_0-425_13_1-debugsource-1-2.el8_7.ppc64le.rpm

SHA-256: 1191fdcf1ee9395805dbae787422a877cfae4a353f925cb92b4b30ca3d92afee

kpatch-patch-4_18_0-425_3_1-1-6.el8.ppc64le.rpm

SHA-256: 151792425cf2b6f2eb0d2ca81326975c90b6b4890248a861de943e9238dde708

kpatch-patch-4_18_0-425_3_1-debuginfo-1-6.el8.ppc64le.rpm

SHA-256: 5474849ef939672cf484a5e00d1c746876ffb3cd4381764afbb281b194cd87f9

kpatch-patch-4_18_0-425_3_1-debugsource-1-6.el8.ppc64le.rpm

SHA-256: dd2116cf07c3928dd277f6e6d6e586347e5b6c7932303d9828636fbc806f951d

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.src.rpm

SHA-256: e872fdb82188cc699f36f2cbe61ea52dc61f425ad83b68afdcdd6a80212e7d9c

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.src.rpm

SHA-256: 0f52bcea31d2be61f55ce3643195653d28bb8ff35b8f92c646cc94d59be99b1f

kpatch-patch-4_18_0-425_3_1-1-6.el8.src.rpm

SHA-256: 03af08bdd51471b378f7edcfbf253ed18b365038e0db4afb0548b13aba6bbe3e

x86_64

kpatch-patch-4_18_0-425_10_1-1-4.el8_7.x86_64.rpm

SHA-256: 6d433b6b85596a5c6aa58fcb5ff45415dd00abf61c50cf6cef95ba5a1a739eca

kpatch-patch-4_18_0-425_10_1-debuginfo-1-4.el8_7.x86_64.rpm

SHA-256: c4187a4fb8d70c102d135717b19ba71fc3755d799a712d4c26d9ea5e9a908ade

kpatch-patch-4_18_0-425_10_1-debugsource-1-4.el8_7.x86_64.rpm

SHA-256: 64e783f1c838e12cf76b6b42b4f8b13fac21b196d19505ea6d108e623914c91b

kpatch-patch-4_18_0-425_13_1-1-2.el8_7.x86_64.rpm

SHA-256: ed03e9eaa790c07229fee250d22160a9e74fdc4485f7a57658c1dea2a6108b3e

kpatch-patch-4_18_0-425_13_1-debuginfo-1-2.el8_7.x86_64.rpm

SHA-256: af51bdc1fa6595123ab68217f1d346ad0292bd52c4aa4ee472f2009588acd271

kpatch-patch-4_18_0-425_13_1-debugsource-1-2.el8_7.x86_64.rpm

SHA-256: f497c202ab015e098852ce09bb94bad1912b0b258e147fe210d73fab269188e2

kpatch-patch-4_18_0-425_3_1-1-6.el8.x86_64.rpm

SHA-256: 2ccc2dd53b01ad7a9b60208c04912be93950134ae1f7e791b5becfa869f0d5f9

kpatch-patch-4_18_0-425_3_1-debuginfo-1-6.el8.x86_64.rpm

SHA-256: e79d55e1e249de0c8d4c1ac081d630a72d6bf1fbd4af981c4f6e8c72993e0591

kpatch-patch-4_18_0-425_3_1-debugsource-1-6.el8.x86_64.rpm

SHA-256: 9ee13f349e3a81279c8c2cacfa71c1b82537f9c4fd1ae0a86d6d2ad1a6ee33f4

Related news

Linux OverlayFS Local Privilege Escalation

This Metasploit module exploit targets the Linux kernel bug in OverlayFS. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

Red Hat Security Advisory 2023-3491-01

Red Hat Security Advisory 2023-3491-01 - An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

RHSA-2023:3491: Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or poten...

RHSA-2023:3491: Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or poten...

Red Hat Security Advisory 2023-1980-01

Red Hat Security Advisory 2023-1980-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Red Hat Security Advisory 2023-1970-01

Red Hat Security Advisory 2023-1970-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

RHSA-2023:1984: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges o...

RHSA-2023:1980: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on t...

Red Hat Security Advisory 2023-1822-01

Red Hat Security Advisory 2023-1822-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

RHSA-2023:1703: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

RHSA-2023:1705: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4378: A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.

RHSA-2023:1681: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

RHSA-2023:1677: Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update batch#5 (oVirt-4.5.3-5)

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23521: A flaw was found in Git, a distributed revision control system. When parsing gitattributes, a mechanism to allow defining attributes for paths, multiple integer overflows can occur when there is a huge number of path patterns, attributes for a single pattern, ...

RHSA-2023:1677: Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update batch#5 (oVirt-4.5.3-5)

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23521: A flaw was found in Git, a distributed revision control system. When parsing gitattributes, a mechanism to allow defining attributes for paths, multiple integer overflows can occur when there is a huge number of path patterns, attributes for a single pattern, ...

Red Hat Security Advisory 2023-1659-01

Red Hat Security Advisory 2023-1659-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Red Hat Security Advisory 2023-1590-01

Red Hat Security Advisory 2023-1590-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

RHSA-2023:1659: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4378: A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-0266: A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux So...

RHSA-2023:1660: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0266: A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak problem. * CVE...

RHSA-2023:1660: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0266: A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak problem. * CVE...

Red Hat Security Advisory 2023-1588-01

Red Hat Security Advisory 2023-1588-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

RHSA-2023:1554: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0266: A use-after-free flaw was found in the ALSA subsystem in sound/core/control.c in the Linux kernel. This flaw allows a local attacker to cause a use-after-free issue. * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux...

Ubuntu Security Notice USN-5979-1

Ubuntu Security Notice 5979-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service.

RHSA-2023:1471: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4744: A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-0266: A use-after-free flaw was found in the...

CVE-2023-0386

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

Red Hat Security Advisory 2023-1192-01

Red Hat Security Advisory 2023-1192-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

RHSA-2023:1192: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. * CVE-2022-41222: A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space account...

Ubuntu Security Notice USN-5940-1

Ubuntu Security Notice 5940-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-5934-1

Ubuntu Security Notice 5934-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

Red Hat Security Advisory 2023-1101-01

Red Hat Security Advisory 2023-1101-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Red Hat Security Advisory 2023-1103-01

Red Hat Security Advisory 2023-1103-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Ubuntu Security Notice USN-5927-1

Ubuntu Security Notice 5927-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

RHSA-2023:1130: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. * CVE-2022-4269: A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking co...

RHSA-2023:1101: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4378: A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Ubuntu Security Notice USN-5917-1

Ubuntu Security Notice 5917-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5917-1

Ubuntu Security Notice 5917-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.

Red Hat Security Advisory 2023-1008-01

Red Hat Security Advisory 2023-1008-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.

RHSA-2023:0944: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4378: A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalat...

Red Hat Security Advisory 2023-0839-01

Red Hat Security Advisory 2023-0839-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and use-after-free vulnerabilities.

RHSA-2023:0839: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41222: A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code in how a race condition happens between rmap walk and mremap. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2022-43945: A buffer overflow flaw was found in the Linux kernel nfsd (...

Kernel Live Patch Security Notice LNS-0091-1

It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Sonke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

Ubuntu Security Notice USN-5799-1

Ubuntu Security Notice 5799-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.

CVE-2022-41802: en/security-disclosure/2022/2022-12.md · OpenHarmony/security - Gitee.com

Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.

Ubuntu Security Notice USN-5728-1

Ubuntu Security Notice 5728-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907