Headline
RHSA-2022:1550: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-4028: kernel: use-after-free in RDMA listen()
- CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
Synopsis
Important: kernel security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: use-after-free in RDMA listen() (CVE-2021-4028)
- kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Backport DFS fixes from upstream (BZ#2056329)
- [RHEL8.5] lpfc driver often fails to detect storage directly connected to Broadcom FC HBA (BZ#2058193)
- nf_reinject calls nf_queue_entry_free on an already freed entry->state (BZ#2061446)
- gfs2 blocking in gdlm_lock (BZ#2069750)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Virtualization Host 4 for RHEL 8 x86_64
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat CodeReady Linux Builder for x86_64 8 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Fixes
- BZ - 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
- BZ - 2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c
Red Hat Enterprise Linux for IBM z Systems 8
SRPM
kernel-4.18.0-348.23.1.el8_5.src.rpm
SHA-256: 384f8a36810ba232a22ad98432e6927182e5e3da259cf4b960a312452a93ca84
s390x
bpftool-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 4eeb425712775347ed2f7c30d97ca92e96fad24abd17db8d84cef1680e5adfda
bpftool-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 25eebd2b4058ce65a19574ac61e4f2ea7d783e755aa9a5334eaf7d6b81d0f2fd
kernel-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 355932b42e2f41870503b43f2924472bbed229617f30b19137ce8a91d086afb2
kernel-abi-stablelists-4.18.0-348.23.1.el8_5.noarch.rpm
SHA-256: e3394be4d3c9b961fec25c500e8d371e40102b69bb36871faf5e0c047738f50e
kernel-core-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 9abf72fe66cb1ecfe68fd5486585be2934bc50a103947142ef8b118c475996c5
kernel-cross-headers-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: fdb5796ff4ec3f44c883cc62c255712907e21830a0b9d926e62fdc4d7c356233
kernel-debug-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 7d4a545fbc907583e60280defcb023417a78b049b5b3bd1e514a8f27ea4aded4
kernel-debug-core-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 75ef16a3dc11e7ad67cf1f13823d2b40f787920eab90ca1f13850cb6446c399f
kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: f94d880b60b77c812b706d15794cc498c4e0938e09ce845b173f4d6cd4faf378
kernel-debug-devel-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: b266bd3e4da79f37eaf698a3e80b1e38398e4c075fa0aea6cdfce8e9fdd4aeb1
kernel-debug-modules-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 33d71d6cfb03bd2d4577491beb78a41be65d950cbdc1b96a655fb7ac8746e15b
kernel-debug-modules-extra-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 4b0c2331c51419e1245e05bb715243852ead518bda7079d9aae692e814d7e410
kernel-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: e13cc58092c63cb92ff809051cf13fce00b6eabea58fcb96f365a53c8ade978a
kernel-debuginfo-common-s390x-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: c1ded5bc6c91768d1dd06b3f687955400d2e82bed090e0c7c205c27924c04ce2
kernel-devel-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: ffd2644d5ac40e68e53f332e3fcd5ccf7c31221c37a733eb1cdc46fe1b1e619c
kernel-doc-4.18.0-348.23.1.el8_5.noarch.rpm
SHA-256: 1d71b4db78b230cf76133e49ae5ef5e8e65ff6b4c8411a179faba8f95bd16762
kernel-headers-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 488f588a613d61c5454370c7e13f4a653dfe9469bc5618dea6c08cdc7110951f
kernel-modules-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 4d7abc51b43f341e588d57abc6d5ad31d12fa69aaafb447ef7c65363021a53e7
kernel-modules-extra-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 990a689e10229d0b1dedd124635ba34408f7745ea5e0aade8519bf69154c1a1e
kernel-tools-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 56d68e1dcf6693abab0562054b59f63649c25d259056ccce9d8221f272aa935a
kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 87ff3eb56cd22bf2208dc835d105c1355c84d49e4abf89f51ea26a592fb2f906
kernel-zfcpdump-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: d0305c692e32702775c8da0d537c6993b26e59652d8057abba59404b48c831eb
kernel-zfcpdump-core-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 0a2052b97b5991a231138e714a7e8db040717a05e0e9f3731148b42847251a34
kernel-zfcpdump-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: a09a2e488149cac26780db036713d4baf0b65111a85b512860836c1dce2d99a1
kernel-zfcpdump-devel-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 8a9c84f394ffb1397db20189093c1108add10dabe6601de0be8c453b4e2c5a6d
kernel-zfcpdump-modules-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: a3d84ae55f0c8ea84e688d6fcedd6b45d03c1b8a86ed3b638eabde1ab8d0c55b
kernel-zfcpdump-modules-extra-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: e7f5f80466362d0c19104eb5e87aa5b8c09af5b6fd8231b3f96d5df922a813bc
perf-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: fbc640e7846c3f73759c184bf7edbdc87b148e73c12e8fa9dd8399d0f1f884b9
perf-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: fe288488dd7f6124ef269c41619edeb5a6faa19b8e67eb2709aecbb7ecd8bf16
python3-perf-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: 4cd961d9d27e10a332608628dc59727f3893a209ce9ae6637b67f81a75d02cee
python3-perf-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm
SHA-256: f721df7dfdd8efdacc5e9904c6bc33a7a00c953e8ca1081cb95ae7d979964bcd
Red Hat Enterprise Linux for Power, little endian 8
SRPM
kernel-4.18.0-348.23.1.el8_5.src.rpm
SHA-256: 384f8a36810ba232a22ad98432e6927182e5e3da259cf4b960a312452a93ca84
ppc64le
bpftool-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: da4fe4e9ff1d337aa0fd21f5d93fca83d03f66af168d056aa3415a08bd174899
bpftool-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 27fece46877e387f47ccfa63d24a74f938f78f78843ce50e446ca5818dc4a212
kernel-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 4bd083fa3566d0b3ba4075264beea4a795893f881043cb01266f2e18522cd543
kernel-abi-stablelists-4.18.0-348.23.1.el8_5.noarch.rpm
SHA-256: e3394be4d3c9b961fec25c500e8d371e40102b69bb36871faf5e0c047738f50e
kernel-core-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: e9936c372f8f87a7f2249b1fa8b5258aa7d2ab4f6942fd3b7eccc502c8ab5bd6
kernel-cross-headers-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: b9f8f3562358a0df423f1b1a18e794b3a269da2f88eac2e9c199f01fb2c80241
kernel-debug-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 89bc179c331d61abeebae865c82cef03796ff451bcb2735cf0bb92d07f6092ac
kernel-debug-core-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 3774383225247100e1e344e679c46c58eee0237e3d1db0117210b8753864e227
kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 946f016e0d29a6c6f2739b136af9fa1feef8b1eda257b3fb0782b27affa8f1df
kernel-debug-devel-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: f5ef62daff0b89796a83662a891026109bdf39f5f3eb7b1d558a43844b616112
kernel-debug-modules-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 267c409adf7cf51683f6e0b549e2a0009163e036709d3dfe97f8fc69ea17eaa4
kernel-debug-modules-extra-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: e50a72e69ca5810632b20dce42f4b528bf67cfe9e27e689ea6092c289787285a
kernel-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: d696029c965d0ea1efea484054e05946593afb4c450fd90fa70cadb3d5b1474f
kernel-debuginfo-common-ppc64le-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: b9a5c689a61d8e2f98b07110abddde8731c2944596e1187648cf472d626f9cdf
kernel-devel-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 2d126e86cce826ad1dc48145a75afb26ac6325dd2d427f6375ac5619e1382682
kernel-doc-4.18.0-348.23.1.el8_5.noarch.rpm
SHA-256: 1d71b4db78b230cf76133e49ae5ef5e8e65ff6b4c8411a179faba8f95bd16762
kernel-headers-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: e8de8eedea6101c2a7b7798f824d86048f3288aaa79463187c480b48ab29868f
kernel-modules-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: d39d0c2acfc6bf6d7816c210b2338c471f4d4123e42a966b51852d390a8c4d3d
kernel-modules-extra-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 04264ec5e6693de34d5b66fdffa524e631bb4a4285f8149bb984044cfefab06e
kernel-tools-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 7c0f94494f1ff99fe0b5a7566324901f13c7542a2b4a94ada3fae721ad8f26ad
kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: d20d085384a640a63cdb71265b60924aa8b3a9cc6de2378a7b8265acfbfa83c1
kernel-tools-libs-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 8309ac9331a90f1ab0467eef0febb08784ffc6f44828bb506ab5d61c54bb1384
perf-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: a8daa37dc99ffcf063f38193cb82c51798e2f20a381257751237dbdd1c0e04d3
perf-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: eec36008e665e44648789652fb4f436f06ea9bea06384e443a32f270fe2834f5
python3-perf-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 9e8092c3d8d1461a3bd202227bb159c744248afcd74eaf514853bf7613821a0a
python3-perf-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: c775711041d0a53ad7a89c6663bd02b10547d3c85a62f86299e9b943fb5163a2
Red Hat Virtualization Host 4 for RHEL 8
SRPM
x86_64
bpftool-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 0404e5037a1864ad2ee29d93af0f2153ab86fcfd95f3fcfc0ac7a5a5f377e64a
kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 2b9ebf4422bbe07421723786f97158a4c2231b2691cb1ca157078f48b12e410a
kernel-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: a82e6f11cb9fe4654deea5184c1f1c1fb246841cd4aa1d7b3c0f9fa2c8a43d9a
kernel-debuginfo-common-x86_64-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 17bcffee9d9f43b4f7c57f855b6f95ba3eac9b37181999221570ddc2fcc69da6
kernel-devel-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: e0b33105529a7039f5c39591d31c34eb861d95032067307214a4e60cf4694e81
kernel-headers-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: aaf0495c29ed7de3c0c9431fd12f960971b2cab9b47793c23827b7e7f4cbd467
kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 2e227c646cdca34fbf0faa5c274ca966184af27752be9378619d69481b096a0b
perf-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 148e0606215ba37981623f4343a008344dfc70b5f56331c80b127131dd157ed6
perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 9ed89c1eaece974f38a3d97bcb5e5fffe60c9a3c0c08dfecc9625f620362d8f1
python3-perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 4d21555912daa1354a981d6a1c9544c27602dd92aeb8a7a5c3b74ed3d161f9cf
Red Hat Enterprise Linux for x86_64 8
SRPM
kernel-4.18.0-348.23.1.el8_5.src.rpm
SHA-256: 384f8a36810ba232a22ad98432e6927182e5e3da259cf4b960a312452a93ca84
x86_64
bpftool-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 8d1560aae43846cb90959593d2d9ea6cb74df0e6ff7f83a0f388644ca717fe45
bpftool-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 0404e5037a1864ad2ee29d93af0f2153ab86fcfd95f3fcfc0ac7a5a5f377e64a
kernel-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: b1d239a8a4dcc28794da3353bfefc723eced265bdb871359971d36fd015f3d50
kernel-abi-stablelists-4.18.0-348.23.1.el8_5.noarch.rpm
SHA-256: e3394be4d3c9b961fec25c500e8d371e40102b69bb36871faf5e0c047738f50e
kernel-core-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 4197127baea9de95d0345314e85671aac1910d83872b174de1a2ddd603f1e0c5
kernel-cross-headers-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: a5fe29c61efde1db1ac58c80190240c11c6ac3ec19eb21f221ac8e36d9aa01fe
kernel-debug-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: c66b0f92d1f9396cd66e21aff89d00966804951f8eed723e587e29f207c524dc
kernel-debug-core-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 29745467d68563266b6b9864883bba4c73eacd66011cdd382839f0966582a6fc
kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 2b9ebf4422bbe07421723786f97158a4c2231b2691cb1ca157078f48b12e410a
kernel-debug-devel-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: d650ddcf0b12b85412567bf5726d8119d4d98d4630b3c869f1158de34ba458c3
kernel-debug-modules-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 4c74a31a4cd3326adae87600c0cf621d5924c7eb73fa495135107dac0115dd90
kernel-debug-modules-extra-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 1282a41bed5efb0a4908267af00544a48dd4dee81310b9ef47ae00a8e0a337ab
kernel-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: a82e6f11cb9fe4654deea5184c1f1c1fb246841cd4aa1d7b3c0f9fa2c8a43d9a
kernel-debuginfo-common-x86_64-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 17bcffee9d9f43b4f7c57f855b6f95ba3eac9b37181999221570ddc2fcc69da6
kernel-devel-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: e0b33105529a7039f5c39591d31c34eb861d95032067307214a4e60cf4694e81
kernel-doc-4.18.0-348.23.1.el8_5.noarch.rpm
SHA-256: 1d71b4db78b230cf76133e49ae5ef5e8e65ff6b4c8411a179faba8f95bd16762
kernel-headers-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: aaf0495c29ed7de3c0c9431fd12f960971b2cab9b47793c23827b7e7f4cbd467
kernel-modules-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 9844bc5389de3f6224d06bc0a0331257c75ce0554136458c8baae72c06ddbc3c
kernel-modules-extra-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 7258aaa1bb4bdab693eb3eb848c863ca15a4cc4b7d33c3abfab65a00b919d187
kernel-tools-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 5abf6573148c520ba792143c658ddd884aef747877a50d7f8c4a25fe020c993b
kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 2e227c646cdca34fbf0faa5c274ca966184af27752be9378619d69481b096a0b
kernel-tools-libs-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 12929d5210c39d749491b57a0779c0d83b0a8d13166711fd46d46d39c743f581
perf-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 148e0606215ba37981623f4343a008344dfc70b5f56331c80b127131dd157ed6
perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 9ed89c1eaece974f38a3d97bcb5e5fffe60c9a3c0c08dfecc9625f620362d8f1
python3-perf-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 95d321966ef347de4027b8bb26791f505fe03fbcef26bceea3d26bc17625b6a9
python3-perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 4d21555912daa1354a981d6a1c9544c27602dd92aeb8a7a5c3b74ed3d161f9cf
Red Hat Enterprise Linux for ARM 64 8
SRPM
kernel-4.18.0-348.23.1.el8_5.src.rpm
SHA-256: 384f8a36810ba232a22ad98432e6927182e5e3da259cf4b960a312452a93ca84
aarch64
bpftool-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 6bb5f543a780aec18b6666147b608b9f47ae6736fb4d2d5119494e191d2fead7
bpftool-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 33af0e1e51c1cdf4bc5929d19fc05e220a4c50710965df7ea0b4caf352326889
kernel-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 321dc864375d0ab3ae48680575d70991932e0d28f853834aa8e2727ba189365c
kernel-abi-stablelists-4.18.0-348.23.1.el8_5.noarch.rpm
SHA-256: e3394be4d3c9b961fec25c500e8d371e40102b69bb36871faf5e0c047738f50e
kernel-core-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 7121072049e6161743349f9c3867ca5fa6606be993d5e760d7e7709de8ad8491
kernel-cross-headers-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 9dd38e0fccdcd8a25c44e5356ea8421d9f4dc1391a3b4171804b40aa71c336b0
kernel-debug-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 3653381c5464182f00e5264744fa00a2843be2b93c8e77edfa6d8b5566789378
kernel-debug-core-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 009ea0bef49d9a3c9228598988f5690ea7906a3b38c76b178fa4709fadeb5ba3
kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: bf6ad79218378e4b5d895d64b148174dbd9d7b30ebbd494d92b14082b839c3b9
kernel-debug-devel-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 0e6ee4ee28bec2e3c89389bd1eee8c76f662cf7eda81bbb841a41c9364bf96bd
kernel-debug-modules-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: aed295f2585d311a9473f744086b1f22301b6e6cda1dd28f47c10d13549b039d
kernel-debug-modules-extra-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 40638b5cadedf1ce8e4445abea374816ae8807f013a5d61f959ff56d45a64644
kernel-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 0d646c225d245737c90c56de4f69c4073a190e29303c3ddce2dafde2e343fda6
kernel-debuginfo-common-aarch64-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: b229739a2cf97014317df993a486d6d83da3c8ead08ca65102285e88c96a6649
kernel-devel-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 48695ed2a9e770e31e43c185d7d1418690ab4aa4e93a8a3cff9c0a150eae71df
kernel-doc-4.18.0-348.23.1.el8_5.noarch.rpm
SHA-256: 1d71b4db78b230cf76133e49ae5ef5e8e65ff6b4c8411a179faba8f95bd16762
kernel-headers-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: e4c9c8d99fcb1c8a2ff2bcd34e65f6f7c548f94a771cb9bcdbd4ba106b5bae2f
kernel-modules-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 4eab27b76cca1c57cc4d6046b7aa6f7c7dda1bd491b5f03d0d400c998c99ed97
kernel-modules-extra-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: b62ea2d4dc85d618f728a2068c3d47a20078f18608c06227f6e52c81378df0bd
kernel-tools-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 492282e8ea59fb2c0322774a28aa4caeea92c4e121dc78118f9588a000ea4864
kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: d1806cc41b750347ba888f49ea6405a33e011c7426a8d92d397a72e3ae49cbb1
kernel-tools-libs-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 0c59a590099acde5957424f718556d0964a9f03e81ca27eb00d2c45dd83749c6
perf-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: ddb8b56aa8da9ffda9a60b4357f1a41ecf49dc1d3be2ada466eb29b40378538c
perf-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 721159ff0e22adaf5bad143b48a7274efc0a51ddb78c2593da6435fa92dbe89f
python3-perf-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: fb082d98cfd4f905dc4e006675d1bcfcb179b0ae8c0054096b96d7f2f2f0eebf
python3-perf-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: ceaa8db9200819a0fdee81de2be3d13b41f88ac9e42c3af03d8a3a34d73d855b
Red Hat CodeReady Linux Builder for x86_64 8
SRPM
x86_64
bpftool-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 0404e5037a1864ad2ee29d93af0f2153ab86fcfd95f3fcfc0ac7a5a5f377e64a
kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 2b9ebf4422bbe07421723786f97158a4c2231b2691cb1ca157078f48b12e410a
kernel-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: a82e6f11cb9fe4654deea5184c1f1c1fb246841cd4aa1d7b3c0f9fa2c8a43d9a
kernel-debuginfo-common-x86_64-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 17bcffee9d9f43b4f7c57f855b6f95ba3eac9b37181999221570ddc2fcc69da6
kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 2e227c646cdca34fbf0faa5c274ca966184af27752be9378619d69481b096a0b
kernel-tools-libs-devel-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 4bcd44b82f3c882849cf539ad598b22f3cf9b91c97e266d80d6963c9ef088444
perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 9ed89c1eaece974f38a3d97bcb5e5fffe60c9a3c0c08dfecc9625f620362d8f1
python3-perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm
SHA-256: 4d21555912daa1354a981d6a1c9544c27602dd92aeb8a7a5c3b74ed3d161f9cf
Red Hat CodeReady Linux Builder for Power, little endian 8
SRPM
ppc64le
bpftool-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 27fece46877e387f47ccfa63d24a74f938f78f78843ce50e446ca5818dc4a212
kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: 946f016e0d29a6c6f2739b136af9fa1feef8b1eda257b3fb0782b27affa8f1df
kernel-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: d696029c965d0ea1efea484054e05946593afb4c450fd90fa70cadb3d5b1474f
kernel-debuginfo-common-ppc64le-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: b9a5c689a61d8e2f98b07110abddde8731c2944596e1187648cf472d626f9cdf
kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: d20d085384a640a63cdb71265b60924aa8b3a9cc6de2378a7b8265acfbfa83c1
kernel-tools-libs-devel-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: a714eeae1ecb530bcbe5e28a9c0c1173edf8d78ef6164792a897335b6d1c0434
perf-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: eec36008e665e44648789652fb4f436f06ea9bea06384e443a32f270fe2834f5
python3-perf-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm
SHA-256: c775711041d0a53ad7a89c6663bd02b10547d3c85a62f86299e9b943fb5163a2
Red Hat CodeReady Linux Builder for ARM 64 8
SRPM
aarch64
bpftool-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 33af0e1e51c1cdf4bc5929d19fc05e220a4c50710965df7ea0b4caf352326889
kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: bf6ad79218378e4b5d895d64b148174dbd9d7b30ebbd494d92b14082b839c3b9
kernel-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 0d646c225d245737c90c56de4f69c4073a190e29303c3ddce2dafde2e343fda6
kernel-debuginfo-common-aarch64-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: b229739a2cf97014317df993a486d6d83da3c8ead08ca65102285e88c96a6649
kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: d1806cc41b750347ba888f49ea6405a33e011c7426a8d92d397a72e3ae49cbb1
kernel-tools-libs-devel-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 22fc7f168d3e6ba4dae635225c162e95dca556fa6cf4d2c87ba49bfc501b5e74
perf-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: 721159ff0e22adaf5bad143b48a7274efc0a51ddb78c2593da6435fa92dbe89f
python3-perf-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm
SHA-256: ceaa8db9200819a0fdee81de2be3d13b41f88ac9e42c3af03d8a3a34d73d855b
Related news
IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 218379.
IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.
IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by an user with access to creating domains. IBM X-Force ID: 211037.
IBM QRadar SIEM 7.3, 7.4, and 7.5 in some senarios may reveal authorized service tokens to other QRadar users. IBM X-Force ID: 210021
IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 220041.
IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 217369.
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 21.0.8, 22.2.4, and 23.0.1, it is possible to trick administrators into enabling "recommended" apps for the Nextcloud server that they do not need, thus expanding their attack surface unnecessarily. This issue is fixed in versions 21.0.8 , 22.2.4, and 23.0.1.
In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive (C:\) to exploit this.
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
Updated web-admin-build packages are now available for Red Hat Gluster Storage 3.5 Web Administration on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache
Red Hat AMQ Broker 7.8.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-22965: spring-framework: RCE via Data Binding on JDK 9+
Red Hat AMQ Broker 7.9.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-22965: spring-framework: RCE via Data Binding on JDK 9+
Red Hat OpenShift Container Platform release 3.11.665 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43859: xstream: Injecting highly recursive collections or maps can cause a DoS * CVE-2022-25173: workflow-cps: OS command execution through crafted SCM contents * CVE-2022-25174: workflow-cps-global-lib: OS command execution through crafted SCM contents * CVE-2022-25175: wo...
An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
A security update for convert2rhel is now available for unsupported conversions of CentOS Linux 6 and Oracle Linux 6 to Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0852: convert2rhel: Red Hat account password passed via command line by code
A security update for convert2rhel is now available for supported conversions of CentOS Linux 7 and Oracle Linux 7 to Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0852: convert2rhel: Red Hat account password passed via command line by code
A security update for convert2rhel is now available for supported conversions of CentOS Linux 8 and Oracle Linux 8 to Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0852: convert2rhel: Red Hat account password passed via command line by code
An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication. This vulnerability can allow attackers to execute phishing attacks or cause a Denial of Service (DoS).
An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users.
A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.
A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS).
A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification.
An update for polkit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4115: polkit: file descriptor leak allows an unprivileged user to cause a crash
An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1154: vim: use after free in utf_ptr2char
An update for the mariadb:10.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-2154: mysql: Server: DML unspecified vulnerability (CPU Apr 2021) * CVE-2021-2166: mysql: Server: DML unspecified vulnerability (CPU Apr 2021) * CVE-2021-2372: mysql: InnoDB unspecified vulnerability (CPU Jul 2021) * CVE-2021-2389: mysql: InnoDB unspecified vulnerability (CPU Jul 2021) * CVE-2021-35604: mysql: InnoDB unspecified vulnerab...
An update for the container-tools:2.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27649: podman: Default inheritable capabilities for linux container should be empty * CVE-2022-27651: buildah: Default inheritable capabilities for linux container should be empty
An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27649: podman: Default inheritable capabilities for linux container should be empty * CVE-2022-27651: buildah: Default inheritable capabilities for linux container should be empty
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4028: kernel: use-after-free in RDMA listen() * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
An update for gzip is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1271: gzip: arbitrary-file-write vulnerability
An update for the mariadb:10.5 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-2154: mysql: Server: DML unspecified vulnerability (CPU Apr 2021) * CVE-2021-2166: mysql: Server: DML unspecified vulnerability (CPU Apr 2021) * CVE-2021-2372: mysql: InnoDB unspecified vulnerability (CPU Jul 2021) * CVE-2021-2389: mysql: InnoDB unspecified vulnerability (CPU Jul 2021) * CVE-2021-35604: mysql: InnoDB unspecified vulnerab...
An update for zlib is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-25032: zlib: A flaw found in zlib when compressing (not decompressing) certain inputs
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4028: kernel: use-after-free in RDMA listen() * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
An update for gzip is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1271: gzip: arbitrary-file-write vulnerability
An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25235: expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution
An update for maven-shared-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-29599: maven-shared-utils: Command injection via Commandline class
An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25235: expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution