Headline
RHSA-2022:7279: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
- CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)
- CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)
- CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
- hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123)
- hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)
- hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- RHEL8.6[64TB/240c Denali]:" vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107491)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server - AUS 8.2 x86_64
- Red Hat Enterprise Linux Server - TUS 8.2 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)
- BZ - 2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)
- BZ - 2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
- BZ - 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
CVEs
- CVE-2022-2588
- CVE-2022-21123
- CVE-2022-21125
- CVE-2022-21166
Red Hat Enterprise Linux Server - AUS 8.2
SRPM
kernel-4.18.0-193.93.1.el8_2.src.rpm
SHA-256: c7bdfffd3c3544445efb7266775775cc6f1008ea14de42cf90a555914792e43e
x86_64
bpftool-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 72aee70404cdb4c73cc43c7187b3c6d2e3164f4bdcce489a0bb0e042128fff72
bpftool-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 169c933585aa582abcecae20a5df9e2d0157b77f98474acc0f1ffff5c7c59d5a
kernel-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 44f8690def85d92f9335d13fa81e9d2ff713e8b4ed6503a3d678277bc500321c
kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm
SHA-256: 3cf78ffd4f9ec1678301b230dc379cb229509d0af1bcae11544ef9ebcffb10dd
kernel-core-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 2ae24bbcea542db82e37d94c28cb7e1bf6050208bfb92e54f8e5a3674e6460ba
kernel-cross-headers-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 4add8e7795804f8656092994e4a43c1c4d136b85913f019a29f6c24311742e75
kernel-debug-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: f489dbfbd640d58281e6657c5d4e8af8cca25104000465216b02349879064ad9
kernel-debug-core-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 52d68aa3e50d827c8832dd3829f54773be52067bf73248b2156202146ccefaf7
kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 078dc63330885b0833ccbabc102e8a001eb64e3a5a3ba4015398a4febcb610b1
kernel-debug-devel-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 0cfaa12f7616703c7e079ca24b19490659c18a27aef9819b513afc62b8b426d1
kernel-debug-modules-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 2cd50afab3ad90d7ee85cd8fb8f0960709f4698c15ccc6b8291ff4a9a0bb826f
kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 8ab4542dcc295b3df0a3965c695f24867e1080ff9fee8ecf8e312aad48ac424b
kernel-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a7ffe529e33b1efc5c60f4a520dc42cfe9fe47d3b4410520977fbb2e6c8407df
kernel-debuginfo-common-x86_64-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 09ea541149ae44005d63c2ad8c88321717feb90997ec63a8a20596a9e05d2515
kernel-devel-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: be72d154ddca7097d54dacf30c0e1c02e481b082314df48af446a611ea9e2d50
kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm
SHA-256: 45aafca978038b78b36e7f08d09488296178c091cdef336da55fe564a47ca602
kernel-headers-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a931496eb99c4332c190b780b159d0a0da9c9f40211429e6565f6b40d5333d5b
kernel-modules-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 42d2cedd8111a3daec97ceb4d23cccb7612b6d2a71b57fc18ed79ad9af8438a3
kernel-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: b8990e9d73d435e9be96a3a16dd7ee30aaa637273f7783dc7dcc275887e43287
kernel-tools-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 3a7866bd681448978aaaae78f7ec6953a8841fc9adfd419045b77d558006722a
kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: ffc4a72cd3330bcf6ac40eaa2564e0db1c2a08df320b7bb0dfcaba64dc061c3e
kernel-tools-libs-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 2c996dac0bb8217d08d7f4a0701171ab1508a50d621165b87c959b6dbff80cee
perf-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 9b3be5c55f1383be9b06f1cabd5180d5d0860acb123e4e9e0cb6262f67e92bcc
perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a1c53bc18c466605d724df53c9d56df9ae8f03482b926a0511aa8ce9bd142f2d
python3-perf-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 81aa300c21bd51ef3fa7b743d222618f5462dbd9bd5801c87a7a4ce68e472c58
python3-perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a1290a357259dfdb30f1574fe00c662f46b2c1a63569a6c5045cdb4eb76a9799
Red Hat Enterprise Linux Server - TUS 8.2
SRPM
kernel-4.18.0-193.93.1.el8_2.src.rpm
SHA-256: c7bdfffd3c3544445efb7266775775cc6f1008ea14de42cf90a555914792e43e
x86_64
bpftool-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 72aee70404cdb4c73cc43c7187b3c6d2e3164f4bdcce489a0bb0e042128fff72
bpftool-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 169c933585aa582abcecae20a5df9e2d0157b77f98474acc0f1ffff5c7c59d5a
kernel-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 44f8690def85d92f9335d13fa81e9d2ff713e8b4ed6503a3d678277bc500321c
kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm
SHA-256: 3cf78ffd4f9ec1678301b230dc379cb229509d0af1bcae11544ef9ebcffb10dd
kernel-core-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 2ae24bbcea542db82e37d94c28cb7e1bf6050208bfb92e54f8e5a3674e6460ba
kernel-cross-headers-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 4add8e7795804f8656092994e4a43c1c4d136b85913f019a29f6c24311742e75
kernel-debug-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: f489dbfbd640d58281e6657c5d4e8af8cca25104000465216b02349879064ad9
kernel-debug-core-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 52d68aa3e50d827c8832dd3829f54773be52067bf73248b2156202146ccefaf7
kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 078dc63330885b0833ccbabc102e8a001eb64e3a5a3ba4015398a4febcb610b1
kernel-debug-devel-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 0cfaa12f7616703c7e079ca24b19490659c18a27aef9819b513afc62b8b426d1
kernel-debug-modules-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 2cd50afab3ad90d7ee85cd8fb8f0960709f4698c15ccc6b8291ff4a9a0bb826f
kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 8ab4542dcc295b3df0a3965c695f24867e1080ff9fee8ecf8e312aad48ac424b
kernel-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a7ffe529e33b1efc5c60f4a520dc42cfe9fe47d3b4410520977fbb2e6c8407df
kernel-debuginfo-common-x86_64-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 09ea541149ae44005d63c2ad8c88321717feb90997ec63a8a20596a9e05d2515
kernel-devel-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: be72d154ddca7097d54dacf30c0e1c02e481b082314df48af446a611ea9e2d50
kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm
SHA-256: 45aafca978038b78b36e7f08d09488296178c091cdef336da55fe564a47ca602
kernel-headers-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a931496eb99c4332c190b780b159d0a0da9c9f40211429e6565f6b40d5333d5b
kernel-modules-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 42d2cedd8111a3daec97ceb4d23cccb7612b6d2a71b57fc18ed79ad9af8438a3
kernel-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: b8990e9d73d435e9be96a3a16dd7ee30aaa637273f7783dc7dcc275887e43287
kernel-tools-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 3a7866bd681448978aaaae78f7ec6953a8841fc9adfd419045b77d558006722a
kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: ffc4a72cd3330bcf6ac40eaa2564e0db1c2a08df320b7bb0dfcaba64dc061c3e
kernel-tools-libs-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 2c996dac0bb8217d08d7f4a0701171ab1508a50d621165b87c959b6dbff80cee
perf-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 9b3be5c55f1383be9b06f1cabd5180d5d0860acb123e4e9e0cb6262f67e92bcc
perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a1c53bc18c466605d724df53c9d56df9ae8f03482b926a0511aa8ce9bd142f2d
python3-perf-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 81aa300c21bd51ef3fa7b743d222618f5462dbd9bd5801c87a7a4ce68e472c58
python3-perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a1290a357259dfdb30f1574fe00c662f46b2c1a63569a6c5045cdb4eb76a9799
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
kernel-4.18.0-193.93.1.el8_2.src.rpm
SHA-256: c7bdfffd3c3544445efb7266775775cc6f1008ea14de42cf90a555914792e43e
ppc64le
bpftool-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 96fd3f0b64ab11e687b4acb70ae28aa92c2fbd0935ffed093f2753f9dff91470
bpftool-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 8ab785469044f881a5beb36395d9ec130e9c979ee97267c5b9ae2b4f1fa6548e
kernel-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: d1b848cde98c39ce94e4f2e37e20a6a09a460fe0612b94ac178b7bfcd2df26dc
kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm
SHA-256: 3cf78ffd4f9ec1678301b230dc379cb229509d0af1bcae11544ef9ebcffb10dd
kernel-core-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 14818455a089dbe9f405bcd950d81d3fb93981dbbf5a2b63da822e97cb9588ca
kernel-cross-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: ca8e64f339883733dd689db0879a5eb0ad439838e2b64fdf89fd5ff7b47025c2
kernel-debug-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: a3b7267c656d42ddde3dd23b47fb58cda2dfd774d2e84f8655c12386ac03d1c1
kernel-debug-core-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 3688716db133bfc27319ee473011b487d11d3c6ad262e94003451c0b8c52b016
kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: bfbb591b92270c4ad2f4e4ee7bc0a5c7a538682f5e44a3ec4856aef7e1af9915
kernel-debug-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 20eacb2b5f8f5a268d82650aaf41eaf5cd95f315f17ac25986cfb1b9b79c8622
kernel-debug-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 6b9363f007ef4fd03ca123b29311cd012c27c7adad597e1eb8dc73919af45c34
kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 34b3c861b40a60332fdbfc99b4a8c4e094a2bce4bd548b53472ecc5efde7fc1b
kernel-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: d6dc01fd5aa3a43700c6017ad5d401bbd5f2ad9531c6caf3e2323936b8efda21
kernel-debuginfo-common-ppc64le-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 2b56fc49c3e40dc062bf0028dd09937bb5b3d5d7623fea4ebe033ab2a1db7b67
kernel-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: a6202c79e1ddeb1a5d3cec2baa3fb48fcb181813e7352c84460a2a7c7e585af0
kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm
SHA-256: 45aafca978038b78b36e7f08d09488296178c091cdef336da55fe564a47ca602
kernel-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 16c29b85ddcfff72282131932aaed848d7ddfeac9cdc24816a4f184547c20dd2
kernel-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 894bc226dd2a39ed4a5718e949278ea1fa090b8e3becbc116dad62f4a6c1986b
kernel-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 458005aa16a85ca9f5f744a329b36ffc10f27f690acf9a6824ac239fb09cc5e1
kernel-tools-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: a9b2c84f1c36524b2835e6c6f5b1216ec38bf954d6413fd7b8fe21383420a7cc
kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 91eca8bf235a36600a069064896fee3e0a5d59cc216a9ca010381fe6d4dc329d
kernel-tools-libs-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 4309be6ff98afd5a0b4963402e3ef4d2c6b5f994c074e3e406175da19498965b
perf-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: d70a599b6d85577ae5c9c7ad580a8ff1b0ae0644526cc04db5504ec2fe6a1c94
perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: 5cd5f605e879f1ab76c587b62facb0cd1677f2a9a1ebc00d23ba1b56815812ad
python3-perf-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: fd33f1cc6b9cbfda70c5cfe8abcade41e339120abb80ea32c5de4ce67e52f114
python3-perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm
SHA-256: a6217b3eb10f5161fa8c8cf9dac49f2bfff34195ac7906d5eef5ada243c2bfb5
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
kernel-4.18.0-193.93.1.el8_2.src.rpm
SHA-256: c7bdfffd3c3544445efb7266775775cc6f1008ea14de42cf90a555914792e43e
x86_64
bpftool-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 72aee70404cdb4c73cc43c7187b3c6d2e3164f4bdcce489a0bb0e042128fff72
bpftool-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 169c933585aa582abcecae20a5df9e2d0157b77f98474acc0f1ffff5c7c59d5a
kernel-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 44f8690def85d92f9335d13fa81e9d2ff713e8b4ed6503a3d678277bc500321c
kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm
SHA-256: 3cf78ffd4f9ec1678301b230dc379cb229509d0af1bcae11544ef9ebcffb10dd
kernel-core-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 2ae24bbcea542db82e37d94c28cb7e1bf6050208bfb92e54f8e5a3674e6460ba
kernel-cross-headers-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 4add8e7795804f8656092994e4a43c1c4d136b85913f019a29f6c24311742e75
kernel-debug-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: f489dbfbd640d58281e6657c5d4e8af8cca25104000465216b02349879064ad9
kernel-debug-core-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 52d68aa3e50d827c8832dd3829f54773be52067bf73248b2156202146ccefaf7
kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 078dc63330885b0833ccbabc102e8a001eb64e3a5a3ba4015398a4febcb610b1
kernel-debug-devel-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 0cfaa12f7616703c7e079ca24b19490659c18a27aef9819b513afc62b8b426d1
kernel-debug-modules-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 2cd50afab3ad90d7ee85cd8fb8f0960709f4698c15ccc6b8291ff4a9a0bb826f
kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 8ab4542dcc295b3df0a3965c695f24867e1080ff9fee8ecf8e312aad48ac424b
kernel-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a7ffe529e33b1efc5c60f4a520dc42cfe9fe47d3b4410520977fbb2e6c8407df
kernel-debuginfo-common-x86_64-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 09ea541149ae44005d63c2ad8c88321717feb90997ec63a8a20596a9e05d2515
kernel-devel-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: be72d154ddca7097d54dacf30c0e1c02e481b082314df48af446a611ea9e2d50
kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm
SHA-256: 45aafca978038b78b36e7f08d09488296178c091cdef336da55fe564a47ca602
kernel-headers-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a931496eb99c4332c190b780b159d0a0da9c9f40211429e6565f6b40d5333d5b
kernel-modules-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 42d2cedd8111a3daec97ceb4d23cccb7612b6d2a71b57fc18ed79ad9af8438a3
kernel-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: b8990e9d73d435e9be96a3a16dd7ee30aaa637273f7783dc7dcc275887e43287
kernel-tools-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 3a7866bd681448978aaaae78f7ec6953a8841fc9adfd419045b77d558006722a
kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: ffc4a72cd3330bcf6ac40eaa2564e0db1c2a08df320b7bb0dfcaba64dc061c3e
kernel-tools-libs-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 2c996dac0bb8217d08d7f4a0701171ab1508a50d621165b87c959b6dbff80cee
perf-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 9b3be5c55f1383be9b06f1cabd5180d5d0860acb123e4e9e0cb6262f67e92bcc
perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a1c53bc18c466605d724df53c9d56df9ae8f03482b926a0511aa8ce9bd142f2d
python3-perf-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: 81aa300c21bd51ef3fa7b743d222618f5462dbd9bd5801c87a7a4ce68e472c58
python3-perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm
SHA-256: a1290a357259dfdb30f1574fe00c662f46b2c1a63569a6c5045cdb4eb76a9799
Related news
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a l...
Categories: Exploits and vulnerabilities Categories: News Tags: CVE-2022-21123 Tags: CVE-2022-21125 Tags: CVE-2022-21127 Tags: CVE-2022-21166 Tags: Intel Tags: VMs Tags: microcode Microsoft has released out of band updates for information disclosure vulnerabilities in Intel CPUs, but who needs them? (Read more...) The post Intel CPU vulnerabilities fixed. But should you update? appeared first on Malwarebytes Labs.
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-21123: hw: cpu: incomplete clean-up of multi...
Red Hat Security Advisory 2022-8609-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.7 images. Issues addressed include a bypass vulnerability.
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2022-0168: kernel: smb2_ioctl_query_info NULL pointer dereference * CVE-2022-0617: kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback * CVE-2022-0854: ...
Logging Subsystem 5.5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...
Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.
Red Hat OpenShift Container Platform release 4.10.39 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: ...
Red Hat Security Advisory 2022-7171-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1353: Kernel: A kernel-info-leak issue in pfkey_register * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu:...
Red Hat Security Advisory 2022-6991-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-6983-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-6978-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete clea...
Red Hat Security Advisory 2022-6536-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.5.
Red Hat Security Advisory 2022-6437-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Red Hat Security Advisory 2022-6437-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Red Hat Security Advisory 2022-6437-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Red Hat Security Advisory 2022-6460-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
Red Hat Security Advisory 2022-6460-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
Red Hat Security Advisory 2022-6460-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5560-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
Ubuntu Security Notice 5535-1 - Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.
Ubuntu Security Notice 5529-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service in the host OS.
Ubuntu Security Notice 5529-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service in the host OS.
Ubuntu Security Notice 5513-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5505-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5485-2 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 5485-2 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 5486-1 - It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.
Ubuntu Security Notice 5485-1 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 5485-1 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 5485-1 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 5484-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5484-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5484-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.