Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:7279: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
  • CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)
  • CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)
  • CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
Red Hat Security Data
#vulnerability#linux#red_hat#sap

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
  • hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) (CVE-2022-21123)
  • hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)
  • hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW) (CVE-2022-21166)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • RHEL8.6[64TB/240c Denali]:" vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107491)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 8.2 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.2 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64

Fixes

  • BZ - 2090237 - CVE-2022-21123 hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR)
  • BZ - 2090240 - CVE-2022-21125 hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS)
  • BZ - 2090241 - CVE-2022-21166 hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)
  • BZ - 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

CVEs

  • CVE-2022-2588
  • CVE-2022-21123
  • CVE-2022-21125
  • CVE-2022-21166

Red Hat Enterprise Linux Server - AUS 8.2

SRPM

kernel-4.18.0-193.93.1.el8_2.src.rpm

SHA-256: c7bdfffd3c3544445efb7266775775cc6f1008ea14de42cf90a555914792e43e

x86_64

bpftool-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 72aee70404cdb4c73cc43c7187b3c6d2e3164f4bdcce489a0bb0e042128fff72

bpftool-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 169c933585aa582abcecae20a5df9e2d0157b77f98474acc0f1ffff5c7c59d5a

kernel-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 44f8690def85d92f9335d13fa81e9d2ff713e8b4ed6503a3d678277bc500321c

kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm

SHA-256: 3cf78ffd4f9ec1678301b230dc379cb229509d0af1bcae11544ef9ebcffb10dd

kernel-core-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 2ae24bbcea542db82e37d94c28cb7e1bf6050208bfb92e54f8e5a3674e6460ba

kernel-cross-headers-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 4add8e7795804f8656092994e4a43c1c4d136b85913f019a29f6c24311742e75

kernel-debug-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: f489dbfbd640d58281e6657c5d4e8af8cca25104000465216b02349879064ad9

kernel-debug-core-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 52d68aa3e50d827c8832dd3829f54773be52067bf73248b2156202146ccefaf7

kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 078dc63330885b0833ccbabc102e8a001eb64e3a5a3ba4015398a4febcb610b1

kernel-debug-devel-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 0cfaa12f7616703c7e079ca24b19490659c18a27aef9819b513afc62b8b426d1

kernel-debug-modules-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 2cd50afab3ad90d7ee85cd8fb8f0960709f4698c15ccc6b8291ff4a9a0bb826f

kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 8ab4542dcc295b3df0a3965c695f24867e1080ff9fee8ecf8e312aad48ac424b

kernel-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a7ffe529e33b1efc5c60f4a520dc42cfe9fe47d3b4410520977fbb2e6c8407df

kernel-debuginfo-common-x86_64-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 09ea541149ae44005d63c2ad8c88321717feb90997ec63a8a20596a9e05d2515

kernel-devel-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: be72d154ddca7097d54dacf30c0e1c02e481b082314df48af446a611ea9e2d50

kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm

SHA-256: 45aafca978038b78b36e7f08d09488296178c091cdef336da55fe564a47ca602

kernel-headers-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a931496eb99c4332c190b780b159d0a0da9c9f40211429e6565f6b40d5333d5b

kernel-modules-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 42d2cedd8111a3daec97ceb4d23cccb7612b6d2a71b57fc18ed79ad9af8438a3

kernel-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: b8990e9d73d435e9be96a3a16dd7ee30aaa637273f7783dc7dcc275887e43287

kernel-tools-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 3a7866bd681448978aaaae78f7ec6953a8841fc9adfd419045b77d558006722a

kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: ffc4a72cd3330bcf6ac40eaa2564e0db1c2a08df320b7bb0dfcaba64dc061c3e

kernel-tools-libs-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 2c996dac0bb8217d08d7f4a0701171ab1508a50d621165b87c959b6dbff80cee

perf-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 9b3be5c55f1383be9b06f1cabd5180d5d0860acb123e4e9e0cb6262f67e92bcc

perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a1c53bc18c466605d724df53c9d56df9ae8f03482b926a0511aa8ce9bd142f2d

python3-perf-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 81aa300c21bd51ef3fa7b743d222618f5462dbd9bd5801c87a7a4ce68e472c58

python3-perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a1290a357259dfdb30f1574fe00c662f46b2c1a63569a6c5045cdb4eb76a9799

Red Hat Enterprise Linux Server - TUS 8.2

SRPM

kernel-4.18.0-193.93.1.el8_2.src.rpm

SHA-256: c7bdfffd3c3544445efb7266775775cc6f1008ea14de42cf90a555914792e43e

x86_64

bpftool-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 72aee70404cdb4c73cc43c7187b3c6d2e3164f4bdcce489a0bb0e042128fff72

bpftool-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 169c933585aa582abcecae20a5df9e2d0157b77f98474acc0f1ffff5c7c59d5a

kernel-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 44f8690def85d92f9335d13fa81e9d2ff713e8b4ed6503a3d678277bc500321c

kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm

SHA-256: 3cf78ffd4f9ec1678301b230dc379cb229509d0af1bcae11544ef9ebcffb10dd

kernel-core-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 2ae24bbcea542db82e37d94c28cb7e1bf6050208bfb92e54f8e5a3674e6460ba

kernel-cross-headers-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 4add8e7795804f8656092994e4a43c1c4d136b85913f019a29f6c24311742e75

kernel-debug-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: f489dbfbd640d58281e6657c5d4e8af8cca25104000465216b02349879064ad9

kernel-debug-core-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 52d68aa3e50d827c8832dd3829f54773be52067bf73248b2156202146ccefaf7

kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 078dc63330885b0833ccbabc102e8a001eb64e3a5a3ba4015398a4febcb610b1

kernel-debug-devel-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 0cfaa12f7616703c7e079ca24b19490659c18a27aef9819b513afc62b8b426d1

kernel-debug-modules-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 2cd50afab3ad90d7ee85cd8fb8f0960709f4698c15ccc6b8291ff4a9a0bb826f

kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 8ab4542dcc295b3df0a3965c695f24867e1080ff9fee8ecf8e312aad48ac424b

kernel-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a7ffe529e33b1efc5c60f4a520dc42cfe9fe47d3b4410520977fbb2e6c8407df

kernel-debuginfo-common-x86_64-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 09ea541149ae44005d63c2ad8c88321717feb90997ec63a8a20596a9e05d2515

kernel-devel-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: be72d154ddca7097d54dacf30c0e1c02e481b082314df48af446a611ea9e2d50

kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm

SHA-256: 45aafca978038b78b36e7f08d09488296178c091cdef336da55fe564a47ca602

kernel-headers-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a931496eb99c4332c190b780b159d0a0da9c9f40211429e6565f6b40d5333d5b

kernel-modules-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 42d2cedd8111a3daec97ceb4d23cccb7612b6d2a71b57fc18ed79ad9af8438a3

kernel-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: b8990e9d73d435e9be96a3a16dd7ee30aaa637273f7783dc7dcc275887e43287

kernel-tools-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 3a7866bd681448978aaaae78f7ec6953a8841fc9adfd419045b77d558006722a

kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: ffc4a72cd3330bcf6ac40eaa2564e0db1c2a08df320b7bb0dfcaba64dc061c3e

kernel-tools-libs-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 2c996dac0bb8217d08d7f4a0701171ab1508a50d621165b87c959b6dbff80cee

perf-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 9b3be5c55f1383be9b06f1cabd5180d5d0860acb123e4e9e0cb6262f67e92bcc

perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a1c53bc18c466605d724df53c9d56df9ae8f03482b926a0511aa8ce9bd142f2d

python3-perf-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 81aa300c21bd51ef3fa7b743d222618f5462dbd9bd5801c87a7a4ce68e472c58

python3-perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a1290a357259dfdb30f1574fe00c662f46b2c1a63569a6c5045cdb4eb76a9799

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2

SRPM

kernel-4.18.0-193.93.1.el8_2.src.rpm

SHA-256: c7bdfffd3c3544445efb7266775775cc6f1008ea14de42cf90a555914792e43e

ppc64le

bpftool-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 96fd3f0b64ab11e687b4acb70ae28aa92c2fbd0935ffed093f2753f9dff91470

bpftool-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 8ab785469044f881a5beb36395d9ec130e9c979ee97267c5b9ae2b4f1fa6548e

kernel-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: d1b848cde98c39ce94e4f2e37e20a6a09a460fe0612b94ac178b7bfcd2df26dc

kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm

SHA-256: 3cf78ffd4f9ec1678301b230dc379cb229509d0af1bcae11544ef9ebcffb10dd

kernel-core-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 14818455a089dbe9f405bcd950d81d3fb93981dbbf5a2b63da822e97cb9588ca

kernel-cross-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: ca8e64f339883733dd689db0879a5eb0ad439838e2b64fdf89fd5ff7b47025c2

kernel-debug-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: a3b7267c656d42ddde3dd23b47fb58cda2dfd774d2e84f8655c12386ac03d1c1

kernel-debug-core-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 3688716db133bfc27319ee473011b487d11d3c6ad262e94003451c0b8c52b016

kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: bfbb591b92270c4ad2f4e4ee7bc0a5c7a538682f5e44a3ec4856aef7e1af9915

kernel-debug-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 20eacb2b5f8f5a268d82650aaf41eaf5cd95f315f17ac25986cfb1b9b79c8622

kernel-debug-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 6b9363f007ef4fd03ca123b29311cd012c27c7adad597e1eb8dc73919af45c34

kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 34b3c861b40a60332fdbfc99b4a8c4e094a2bce4bd548b53472ecc5efde7fc1b

kernel-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: d6dc01fd5aa3a43700c6017ad5d401bbd5f2ad9531c6caf3e2323936b8efda21

kernel-debuginfo-common-ppc64le-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 2b56fc49c3e40dc062bf0028dd09937bb5b3d5d7623fea4ebe033ab2a1db7b67

kernel-devel-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: a6202c79e1ddeb1a5d3cec2baa3fb48fcb181813e7352c84460a2a7c7e585af0

kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm

SHA-256: 45aafca978038b78b36e7f08d09488296178c091cdef336da55fe564a47ca602

kernel-headers-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 16c29b85ddcfff72282131932aaed848d7ddfeac9cdc24816a4f184547c20dd2

kernel-modules-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 894bc226dd2a39ed4a5718e949278ea1fa090b8e3becbc116dad62f4a6c1986b

kernel-modules-extra-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 458005aa16a85ca9f5f744a329b36ffc10f27f690acf9a6824ac239fb09cc5e1

kernel-tools-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: a9b2c84f1c36524b2835e6c6f5b1216ec38bf954d6413fd7b8fe21383420a7cc

kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 91eca8bf235a36600a069064896fee3e0a5d59cc216a9ca010381fe6d4dc329d

kernel-tools-libs-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 4309be6ff98afd5a0b4963402e3ef4d2c6b5f994c074e3e406175da19498965b

perf-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: d70a599b6d85577ae5c9c7ad580a8ff1b0ae0644526cc04db5504ec2fe6a1c94

perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: 5cd5f605e879f1ab76c587b62facb0cd1677f2a9a1ebc00d23ba1b56815812ad

python3-perf-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: fd33f1cc6b9cbfda70c5cfe8abcade41e339120abb80ea32c5de4ce67e52f114

python3-perf-debuginfo-4.18.0-193.93.1.el8_2.ppc64le.rpm

SHA-256: a6217b3eb10f5161fa8c8cf9dac49f2bfff34195ac7906d5eef5ada243c2bfb5

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2

SRPM

kernel-4.18.0-193.93.1.el8_2.src.rpm

SHA-256: c7bdfffd3c3544445efb7266775775cc6f1008ea14de42cf90a555914792e43e

x86_64

bpftool-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 72aee70404cdb4c73cc43c7187b3c6d2e3164f4bdcce489a0bb0e042128fff72

bpftool-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 169c933585aa582abcecae20a5df9e2d0157b77f98474acc0f1ffff5c7c59d5a

kernel-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 44f8690def85d92f9335d13fa81e9d2ff713e8b4ed6503a3d678277bc500321c

kernel-abi-whitelists-4.18.0-193.93.1.el8_2.noarch.rpm

SHA-256: 3cf78ffd4f9ec1678301b230dc379cb229509d0af1bcae11544ef9ebcffb10dd

kernel-core-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 2ae24bbcea542db82e37d94c28cb7e1bf6050208bfb92e54f8e5a3674e6460ba

kernel-cross-headers-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 4add8e7795804f8656092994e4a43c1c4d136b85913f019a29f6c24311742e75

kernel-debug-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: f489dbfbd640d58281e6657c5d4e8af8cca25104000465216b02349879064ad9

kernel-debug-core-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 52d68aa3e50d827c8832dd3829f54773be52067bf73248b2156202146ccefaf7

kernel-debug-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 078dc63330885b0833ccbabc102e8a001eb64e3a5a3ba4015398a4febcb610b1

kernel-debug-devel-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 0cfaa12f7616703c7e079ca24b19490659c18a27aef9819b513afc62b8b426d1

kernel-debug-modules-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 2cd50afab3ad90d7ee85cd8fb8f0960709f4698c15ccc6b8291ff4a9a0bb826f

kernel-debug-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 8ab4542dcc295b3df0a3965c695f24867e1080ff9fee8ecf8e312aad48ac424b

kernel-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a7ffe529e33b1efc5c60f4a520dc42cfe9fe47d3b4410520977fbb2e6c8407df

kernel-debuginfo-common-x86_64-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 09ea541149ae44005d63c2ad8c88321717feb90997ec63a8a20596a9e05d2515

kernel-devel-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: be72d154ddca7097d54dacf30c0e1c02e481b082314df48af446a611ea9e2d50

kernel-doc-4.18.0-193.93.1.el8_2.noarch.rpm

SHA-256: 45aafca978038b78b36e7f08d09488296178c091cdef336da55fe564a47ca602

kernel-headers-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a931496eb99c4332c190b780b159d0a0da9c9f40211429e6565f6b40d5333d5b

kernel-modules-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 42d2cedd8111a3daec97ceb4d23cccb7612b6d2a71b57fc18ed79ad9af8438a3

kernel-modules-extra-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: b8990e9d73d435e9be96a3a16dd7ee30aaa637273f7783dc7dcc275887e43287

kernel-tools-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 3a7866bd681448978aaaae78f7ec6953a8841fc9adfd419045b77d558006722a

kernel-tools-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: ffc4a72cd3330bcf6ac40eaa2564e0db1c2a08df320b7bb0dfcaba64dc061c3e

kernel-tools-libs-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 2c996dac0bb8217d08d7f4a0701171ab1508a50d621165b87c959b6dbff80cee

perf-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 9b3be5c55f1383be9b06f1cabd5180d5d0860acb123e4e9e0cb6262f67e92bcc

perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a1c53bc18c466605d724df53c9d56df9ae8f03482b926a0511aa8ce9bd142f2d

python3-perf-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: 81aa300c21bd51ef3fa7b743d222618f5462dbd9bd5801c87a7a4ce68e472c58

python3-perf-debuginfo-4.18.0-193.93.1.el8_2.x86_64.rpm

SHA-256: a1290a357259dfdb30f1574fe00c662f46b2c1a63569a6c5045cdb4eb76a9799

Related news

RHSA-2023:4022: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: A use-after-free flaw was found in route4_change in the net/sched/cls_route.c filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a l...

Intel CPU vulnerabilities fixed. But should you update?

Categories: Exploits and vulnerabilities Categories: News Tags: CVE-2022-21123 Tags: CVE-2022-21125 Tags: CVE-2022-21127 Tags: CVE-2022-21166 Tags: Intel Tags: VMs Tags: microcode Microsoft has released out of band updates for information disclosure vulnerabilities in Intel CPUs, but who needs them? (Read more...) The post Intel CPU vulnerabilities fixed. But should you update? appeared first on Malwarebytes Labs.

CVE-2022-46756: DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

RHSA-2022:8974: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-21123: hw: cpu: incomplete clean-up of multi...

Red Hat Security Advisory 2022-8609-01

Red Hat Security Advisory 2022-8609-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.7 images. Issues addressed include a bypass vulnerability.

RHSA-2022:8267: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2022-0168: kernel: smb2_ioctl_query_info NULL pointer dereference * CVE-2022-0617: kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback * CVE-2022-0854: ...

RHSA-2022:7434: Red Hat Security Advisory: Logging Subsystem 5.5.4 - Red Hat OpenShift security update

Logging Subsystem 5.5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

RHSA-2022:7885: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

Red Hat Security Advisory 2022-7313-01

Red Hat Security Advisory 2022-7313-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Issues addressed include denial of service and remote SQL injection vulnerabilities.

RHSA-2022:7344: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

RHSA-2022:7338: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu: AMD: Branch Type Confusion (non-retbleed) * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions * ...

Red Hat Security Advisory 2022-7276-01

Red Hat Security Advisory 2022-7276-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include denial of service, server-side request forgery, and remote SQL injection vulnerabilities.

RHSA-2022:7211: Red Hat Security Advisory: OpenShift Container Platform 4.10.39 bug fix and security update

Red Hat OpenShift Container Platform release 4.10.39 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: ...

Red Hat Security Advisory 2022-7171-01

Red Hat Security Advisory 2022-7171-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2022:7146: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

RHSA-2022:7137: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

RHSA-2022:7110: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1353: Kernel: A kernel-info-leak issue in pfkey_register * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu:...

Red Hat Security Advisory 2022-6991-01

Red Hat Security Advisory 2022-6991-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-6983-01

Red Hat Security Advisory 2022-6983-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-6978-01

Red Hat Security Advisory 2022-6978-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2022:6872: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete clea...

Red Hat Security Advisory 2022-6536-01

Red Hat Security Advisory 2022-6536-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.5.

Red Hat Security Advisory 2022-6437-01

Red Hat Security Advisory 2022-6437-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Red Hat Security Advisory 2022-6437-01

Red Hat Security Advisory 2022-6437-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Red Hat Security Advisory 2022-6437-01

Red Hat Security Advisory 2022-6437-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Red Hat Security Advisory 2022-6460-01

Red Hat Security Advisory 2022-6460-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

Red Hat Security Advisory 2022-6460-01

Red Hat Security Advisory 2022-6460-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

Red Hat Security Advisory 2022-6460-01

Red Hat Security Advisory 2022-6460-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

RHSA-2022:6437: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

RHSA-2022:6437: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

RHSA-2022:6460: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

Ubuntu Security Notice USN-5562-1

Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5560-1

Ubuntu Security Notice 5560-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

RHSA-2022:5937: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

RHSA-2022:5937: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

RHSA-2022:5939: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

RHSA-2022:5939: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete cleanup in specific special register write operations (aka DRPW)

Ubuntu Security Notice USN-5535-1

Ubuntu Security Notice 5535-1 - Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.

Ubuntu Security Notice USN-5529-1

Ubuntu Security Notice 5529-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service in the host OS.

Ubuntu Security Notice USN-5529-1

Ubuntu Security Notice 5529-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Yongkang Jia discovered that the KVM hypervisor implementation in the Linux kernel did not properly handle guest TLB mapping invalidation requests in some situations. An attacker in a guest VM could use this to cause a denial of service in the host OS.

Ubuntu Security Notice USN-5513-1

Ubuntu Security Notice 5513-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5505-1

Ubuntu Security Notice 5505-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5485-2

Ubuntu Security Notice 5485-2 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice USN-5485-2

Ubuntu Security Notice 5485-2 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice USN-5486-1

Ubuntu Security Notice 5486-1 - It was discovered that some Intel processors did not implement sufficient control flow management. A local attacker could use this to cause a denial of service. Joseph Nuzman discovered that some Intel processors did not properly initialise shared resources. A local attacker could use this to obtain sensitive information. Mark Ermolov, Dmitry Sklyarov and Maxim Goryachy discovered that some Intel processors did not prevent test and debug logic from being activated at runtime. A local attacker could use this to escalate privileges.

Ubuntu Security Notice USN-5485-1

Ubuntu Security Notice 5485-1 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice USN-5485-1

Ubuntu Security Notice 5485-1 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice USN-5485-1

Ubuntu Security Notice 5485-1 - It was discovered that some Intel processors did not completely perform cleanup actions on multi-core shared buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not completely perform cleanup actions on microarchitectural fill buffers. A local attacker could possibly use this to expose sensitive information. It was discovered that some Intel processors did not properly perform cleanup during specific special register write operations. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice USN-5484-1

Ubuntu Security Notice 5484-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5484-1

Ubuntu Security Notice 5484-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5484-1

Ubuntu Security Notice 5484-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2022-21166: INTEL-SA-00615

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2022-21166: INTEL-SA-00615

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.