Headline
Red Hat Security Advisory 2022-6610-01
Red Hat Security Advisory 2022-6610-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and heap overflow vulnerabilities.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Important: kernel security, bug fix, and enhancement update
Advisory ID: RHSA-2022:6610-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:6610
Issue date: 2022-09-20
CVE Names: CVE-2022-2078 CVE-2022-34918
=====================================================================
- Summary:
An update for kernel is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 9) - aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Security Fix(es):
kernel: heap overflow in nft_set_elem_init() (CVE-2022-34918)
kernel: vulnerability of buffer overflow in nft_set_desc_concat_parse()
(CVE-2022-2078)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Bug Fix(es):
RDMA/mlx5: Fix number of allocated XLT entries (BZ#2092270)
mlx5, Setup hanged when run test-route-nexthop-object.sh (BZ#2092535)
many call traces from unchecked MSR access error: WRMSR to 0x199 in
amazon i4.32xlarge instance (BZ#2099417)X86/platform/UV: Kernel Support Fixes for UV5 platform (BZ#2107732)
block layer: fixes for md sync slow and softlockup at
blk_mq_sched_dispatch_requests [9.0.0.z] (BZ#2111395)Fixes for NVMe/TCP dereferences an invalid, non-canonical pointer, kernel
panic (BZ#2117755)Adding missing nvme fix to RHEL-9.1 (BZ#2117756)
nvme/tcp mistakenly uses blk_mq_tag_to_rq(nvme_tcp_tagset(queue)
(BZ#2118698)Important ice bug fixes (BZ#2119290)
Power 9/ppc64le Incorrect Socket(s) & “Core(s) per socket” reported by
lscpu command. (BZ#2121719)
Enhancement(s):
lscpu does not show all of the support AMX flags (amx_int8, amx_bf16)
(BZ#2108203)ice: Driver Update (BZ#2108204)
iavf: Driver Update (BZ#2119477)
i40e: Driver Update (BZ#2119479)
- Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
- Bugs fixed (https://bugzilla.redhat.com/):
2096178 - CVE-2022-2078 kernel: Vulnerability of buffer overflow in nft_set_desc_concat_parse()
2104423 - CVE-2022-34918 kernel: heap overflow in nft_set_elem_init()
- Package List:
Red Hat Enterprise Linux AppStream (v. 9):
aarch64:
bpftool-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debug-devel-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debug-devel-matched-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-devel-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-devel-matched-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-headers-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
perf-5.14.0-70.26.1.el9_0.aarch64.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
noarch:
kernel-doc-5.14.0-70.26.1.el9_0.noarch.rpm
ppc64le:
bpftool-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debug-devel-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debug-devel-matched-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debuginfo-common-ppc64le-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-devel-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-devel-matched-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-headers-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
perf-5.14.0-70.26.1.el9_0.ppc64le.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
s390x:
bpftool-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debug-devel-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debug-devel-matched-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debuginfo-common-s390x-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-devel-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-devel-matched-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-headers-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-zfcpdump-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-zfcpdump-devel-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-zfcpdump-devel-matched-5.14.0-70.26.1.el9_0.s390x.rpm
perf-5.14.0-70.26.1.el9_0.s390x.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
x86_64:
bpftool-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debug-devel-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debug-devel-matched-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debuginfo-common-x86_64-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-devel-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-devel-matched-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-headers-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
perf-5.14.0-70.26.1.el9_0.x86_64.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 9):
Source:
kernel-5.14.0-70.26.1.el9_0.src.rpm
aarch64:
bpftool-5.14.0-70.26.1.el9_0.aarch64.rpm
bpftool-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-core-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debug-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debug-core-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debug-modules-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debug-modules-extra-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-modules-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-modules-extra-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-tools-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-tools-libs-5.14.0-70.26.1.el9_0.aarch64.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
python3-perf-5.14.0-70.26.1.el9_0.aarch64.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
noarch:
kernel-abi-stablelists-5.14.0-70.26.1.el9_0.noarch.rpm
ppc64le:
bpftool-5.14.0-70.26.1.el9_0.ppc64le.rpm
bpftool-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-core-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debug-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debug-core-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debug-modules-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debug-modules-extra-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debuginfo-common-ppc64le-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-modules-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-modules-extra-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-tools-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-tools-libs-5.14.0-70.26.1.el9_0.ppc64le.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
python3-perf-5.14.0-70.26.1.el9_0.ppc64le.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
s390x:
bpftool-5.14.0-70.26.1.el9_0.s390x.rpm
bpftool-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-core-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debug-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debug-core-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debug-modules-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debug-modules-extra-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debuginfo-common-s390x-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-modules-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-modules-extra-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-tools-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-zfcpdump-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-zfcpdump-core-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-zfcpdump-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-zfcpdump-modules-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-zfcpdump-modules-extra-5.14.0-70.26.1.el9_0.s390x.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
python3-perf-5.14.0-70.26.1.el9_0.s390x.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
x86_64:
bpftool-5.14.0-70.26.1.el9_0.x86_64.rpm
bpftool-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-core-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debug-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debug-core-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debug-modules-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debug-modules-extra-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debuginfo-common-x86_64-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-modules-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-modules-extra-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-tools-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-tools-libs-5.14.0-70.26.1.el9_0.x86_64.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
python3-perf-5.14.0-70.26.1.el9_0.x86_64.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 9):
aarch64:
bpftool-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-cross-headers-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
kernel-tools-libs-devel-5.14.0-70.26.1.el9_0.aarch64.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.aarch64.rpm
ppc64le:
bpftool-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-cross-headers-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-debuginfo-common-ppc64le-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
kernel-tools-libs-devel-5.14.0-70.26.1.el9_0.ppc64le.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.ppc64le.rpm
s390x:
bpftool-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-cross-headers-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-debuginfo-common-s390x-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
kernel-zfcpdump-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.s390x.rpm
x86_64:
bpftool-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-cross-headers-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debug-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-debuginfo-common-x86_64-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-tools-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
kernel-tools-libs-devel-5.14.0-70.26.1.el9_0.x86_64.rpm
perf-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
python3-perf-debuginfo-5.14.0-70.26.1.el9_0.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2022-2078
https://access.redhat.com/security/cve/CVE-2022-34918
https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is [email protected]. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBYypfhdzjgjWX9erEAQjSpg//Y3ak+k0a3QlbNSwSEH9F0GLE0KOV9tk+
xPp+xXuUzNJ7iQ3+UhgksBs1faIBtvNgpURFZ2xsvIY3Z1TtuK0G7bBLffd0yO9J
6fTDVZmeeCrlmwrWtKCT/2rm10tAk/zQA2BftzG6M/1fcFjfKB1N/k+KXwp9Jt/n
1WC19sEAZWAUGW2Fxe7500HvN6Q/24EWPn2OcYGdXzS/XNqJwdK148OYg0A6pBtT
hk7NOXMJr8fTABdg3BPnEXly1udTUgJnF0gvOl0tB6WNLxnHxc/61XnWIAk9/OYp
DchPL+f7G/lH+5O2EgJG5OaFaUrznkbu8U1zEGOS1rZCdP9kMrX552P60jD4br4/
K1YASzwh6bp9UqJKtBEW6O2hX+s89o8Hzuyrdnz8Cy2AMD8Q0ceqnu8bTWhKHf/l
daeLjh2vLXNRMeQZEpaYtiOOQNIGmVA1n/Zd1A+GoNcFmvGbQ4+G8l18GSvXc09V
A0o5vL6fwssDeLCkuQi+pw5YBgvPC083Q9tQH9TS2Fr13unk5H3bj3duMzI4t0Ao
g0E+jKR7VaVCA2B0syXr5XyWqKZ4pFIQZKq547LpdjivCLnvuD3WsTNwGxTkSm2u
Aq0jQvXi2A2bZwd+PrsfWqAqVr9i7G3+vElmsPD9p6tajT4z/1iCbhC0YMqncE7P
aCsumFjp/qg=
=bwiS
-----END PGP SIGNATURE-----
–
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Related news
Red Hat Security Advisory 2024-0724-03 - An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, privilege escalation, and use-after-free vulnerabilities.
By Habiba Rashid At the time of writing, all reported fake repositories have been taken down and the malicious PoC has been removed from GitHub. This is a post from HackRead.com Read the original post: Fake GitHub Repos Caught Dropping Malware as PoCs AGAIN!
Red Hat Advanced Cluster Management for Kubernetes 2.6.3 General Availability release images, which provide security updates, fix bugs, and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3517: nodejs-minimatch: ReDoS via the braceExpand function * CVE-2022-41912: crewjam/saml: Authentication bypass when processing SAML responses containing multiple Assertion elements
Red Hat Security Advisory 2022-8889-01 - This is an Openshift Logging bug fix release. Issues addressed include a denial of service vulnerability.
Openshift Logging Bug Fix Release (5.3.14) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS * CVE-2022-42004: jackson-databind: use of deeply nested arrays
Red Hat Security Advisory 2022-8781-01 - Logging Subsystem for Red Hat OpenShift has a security update. Issues addressed include a denial of service vulnerability.
Logging Subsystem 5.5.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-32189: golang: math/b...
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2020-36558: kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2021-30002: kernel: memory leak for large arguments...
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2020-36558: kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2021-30002: kernel: memory leak for large argume...
An issue was discovered in the Linux kernel through version 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges. The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access. The issue exists in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.
Red Hat Security Advisory 2022-6592-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a heap overflow vulnerability.
Red Hat Security Advisory 2022-6582-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and heap overflow vulnerabilities.
Red Hat Security Advisory 2022-6582-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and heap overflow vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2078: kernel: Vulnerability of buffer overflow in nft_set_desc_concat_parse() * CVE-2022-34918: kernel: heap overflow in nft_set_elem_init()
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2078: kernel: Vulnerability of buffer overflow in nft_set_desc_concat_parse() * CVE-2022-34918: kernel: heap overflow in nft_set_elem_init()
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. Various other vulnerabilities were also discovered.
Ubuntu Security Notice 5582-1 - Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5566-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5564-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5560-2 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5545-1 - Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations.
Ubuntu Security Notice 5544-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Felix Fu discovered that the Sun RPC implementation in the Linux kernel did not properly handle socket states, leading to a use-after-free vulnerability. A remote attacker could possibly use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5529-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service in the host OS.
An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.