Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:1550: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-4028: kernel: use-after-free in RDMA listen()
  • CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
Red Hat Security Data
#vulnerability#linux#red_hat#ibm

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: use-after-free in RDMA listen() (CVE-2021-4028)
  • kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • Backport DFS fixes from upstream (BZ#2056329)
  • [RHEL8.5] lpfc driver often fails to detect storage directly connected to Broadcom FC HBA (BZ#2058193)
  • nf_reinject calls nf_queue_entry_free on an already freed entry->state (BZ#2061446)
  • gfs2 blocking in gdlm_lock (BZ#2069750)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Virtualization Host 4 for RHEL 8 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64

Fixes

  • BZ - 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
  • BZ - 2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c

Red Hat Enterprise Linux for IBM z Systems 8

SRPM

kernel-4.18.0-348.23.1.el8_5.src.rpm

SHA-256: 384f8a36810ba232a22ad98432e6927182e5e3da259cf4b960a312452a93ca84

s390x

bpftool-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 4eeb425712775347ed2f7c30d97ca92e96fad24abd17db8d84cef1680e5adfda

bpftool-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 25eebd2b4058ce65a19574ac61e4f2ea7d783e755aa9a5334eaf7d6b81d0f2fd

kernel-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 355932b42e2f41870503b43f2924472bbed229617f30b19137ce8a91d086afb2

kernel-abi-stablelists-4.18.0-348.23.1.el8_5.noarch.rpm

SHA-256: e3394be4d3c9b961fec25c500e8d371e40102b69bb36871faf5e0c047738f50e

kernel-core-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 9abf72fe66cb1ecfe68fd5486585be2934bc50a103947142ef8b118c475996c5

kernel-cross-headers-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: fdb5796ff4ec3f44c883cc62c255712907e21830a0b9d926e62fdc4d7c356233

kernel-debug-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 7d4a545fbc907583e60280defcb023417a78b049b5b3bd1e514a8f27ea4aded4

kernel-debug-core-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 75ef16a3dc11e7ad67cf1f13823d2b40f787920eab90ca1f13850cb6446c399f

kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: f94d880b60b77c812b706d15794cc498c4e0938e09ce845b173f4d6cd4faf378

kernel-debug-devel-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: b266bd3e4da79f37eaf698a3e80b1e38398e4c075fa0aea6cdfce8e9fdd4aeb1

kernel-debug-modules-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 33d71d6cfb03bd2d4577491beb78a41be65d950cbdc1b96a655fb7ac8746e15b

kernel-debug-modules-extra-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 4b0c2331c51419e1245e05bb715243852ead518bda7079d9aae692e814d7e410

kernel-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: e13cc58092c63cb92ff809051cf13fce00b6eabea58fcb96f365a53c8ade978a

kernel-debuginfo-common-s390x-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: c1ded5bc6c91768d1dd06b3f687955400d2e82bed090e0c7c205c27924c04ce2

kernel-devel-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: ffd2644d5ac40e68e53f332e3fcd5ccf7c31221c37a733eb1cdc46fe1b1e619c

kernel-doc-4.18.0-348.23.1.el8_5.noarch.rpm

SHA-256: 1d71b4db78b230cf76133e49ae5ef5e8e65ff6b4c8411a179faba8f95bd16762

kernel-headers-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 488f588a613d61c5454370c7e13f4a653dfe9469bc5618dea6c08cdc7110951f

kernel-modules-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 4d7abc51b43f341e588d57abc6d5ad31d12fa69aaafb447ef7c65363021a53e7

kernel-modules-extra-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 990a689e10229d0b1dedd124635ba34408f7745ea5e0aade8519bf69154c1a1e

kernel-tools-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 56d68e1dcf6693abab0562054b59f63649c25d259056ccce9d8221f272aa935a

kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 87ff3eb56cd22bf2208dc835d105c1355c84d49e4abf89f51ea26a592fb2f906

kernel-zfcpdump-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: d0305c692e32702775c8da0d537c6993b26e59652d8057abba59404b48c831eb

kernel-zfcpdump-core-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 0a2052b97b5991a231138e714a7e8db040717a05e0e9f3731148b42847251a34

kernel-zfcpdump-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: a09a2e488149cac26780db036713d4baf0b65111a85b512860836c1dce2d99a1

kernel-zfcpdump-devel-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 8a9c84f394ffb1397db20189093c1108add10dabe6601de0be8c453b4e2c5a6d

kernel-zfcpdump-modules-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: a3d84ae55f0c8ea84e688d6fcedd6b45d03c1b8a86ed3b638eabde1ab8d0c55b

kernel-zfcpdump-modules-extra-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: e7f5f80466362d0c19104eb5e87aa5b8c09af5b6fd8231b3f96d5df922a813bc

perf-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: fbc640e7846c3f73759c184bf7edbdc87b148e73c12e8fa9dd8399d0f1f884b9

perf-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: fe288488dd7f6124ef269c41619edeb5a6faa19b8e67eb2709aecbb7ecd8bf16

python3-perf-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: 4cd961d9d27e10a332608628dc59727f3893a209ce9ae6637b67f81a75d02cee

python3-perf-debuginfo-4.18.0-348.23.1.el8_5.s390x.rpm

SHA-256: f721df7dfdd8efdacc5e9904c6bc33a7a00c953e8ca1081cb95ae7d979964bcd

Red Hat Enterprise Linux for Power, little endian 8

SRPM

kernel-4.18.0-348.23.1.el8_5.src.rpm

SHA-256: 384f8a36810ba232a22ad98432e6927182e5e3da259cf4b960a312452a93ca84

ppc64le

bpftool-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: da4fe4e9ff1d337aa0fd21f5d93fca83d03f66af168d056aa3415a08bd174899

bpftool-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 27fece46877e387f47ccfa63d24a74f938f78f78843ce50e446ca5818dc4a212

kernel-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 4bd083fa3566d0b3ba4075264beea4a795893f881043cb01266f2e18522cd543

kernel-abi-stablelists-4.18.0-348.23.1.el8_5.noarch.rpm

SHA-256: e3394be4d3c9b961fec25c500e8d371e40102b69bb36871faf5e0c047738f50e

kernel-core-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: e9936c372f8f87a7f2249b1fa8b5258aa7d2ab4f6942fd3b7eccc502c8ab5bd6

kernel-cross-headers-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: b9f8f3562358a0df423f1b1a18e794b3a269da2f88eac2e9c199f01fb2c80241

kernel-debug-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 89bc179c331d61abeebae865c82cef03796ff451bcb2735cf0bb92d07f6092ac

kernel-debug-core-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 3774383225247100e1e344e679c46c58eee0237e3d1db0117210b8753864e227

kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 946f016e0d29a6c6f2739b136af9fa1feef8b1eda257b3fb0782b27affa8f1df

kernel-debug-devel-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: f5ef62daff0b89796a83662a891026109bdf39f5f3eb7b1d558a43844b616112

kernel-debug-modules-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 267c409adf7cf51683f6e0b549e2a0009163e036709d3dfe97f8fc69ea17eaa4

kernel-debug-modules-extra-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: e50a72e69ca5810632b20dce42f4b528bf67cfe9e27e689ea6092c289787285a

kernel-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: d696029c965d0ea1efea484054e05946593afb4c450fd90fa70cadb3d5b1474f

kernel-debuginfo-common-ppc64le-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: b9a5c689a61d8e2f98b07110abddde8731c2944596e1187648cf472d626f9cdf

kernel-devel-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 2d126e86cce826ad1dc48145a75afb26ac6325dd2d427f6375ac5619e1382682

kernel-doc-4.18.0-348.23.1.el8_5.noarch.rpm

SHA-256: 1d71b4db78b230cf76133e49ae5ef5e8e65ff6b4c8411a179faba8f95bd16762

kernel-headers-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: e8de8eedea6101c2a7b7798f824d86048f3288aaa79463187c480b48ab29868f

kernel-modules-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: d39d0c2acfc6bf6d7816c210b2338c471f4d4123e42a966b51852d390a8c4d3d

kernel-modules-extra-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 04264ec5e6693de34d5b66fdffa524e631bb4a4285f8149bb984044cfefab06e

kernel-tools-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 7c0f94494f1ff99fe0b5a7566324901f13c7542a2b4a94ada3fae721ad8f26ad

kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: d20d085384a640a63cdb71265b60924aa8b3a9cc6de2378a7b8265acfbfa83c1

kernel-tools-libs-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 8309ac9331a90f1ab0467eef0febb08784ffc6f44828bb506ab5d61c54bb1384

perf-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: a8daa37dc99ffcf063f38193cb82c51798e2f20a381257751237dbdd1c0e04d3

perf-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: eec36008e665e44648789652fb4f436f06ea9bea06384e443a32f270fe2834f5

python3-perf-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 9e8092c3d8d1461a3bd202227bb159c744248afcd74eaf514853bf7613821a0a

python3-perf-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: c775711041d0a53ad7a89c6663bd02b10547d3c85a62f86299e9b943fb5163a2

Red Hat Virtualization Host 4 for RHEL 8

SRPM

x86_64

bpftool-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 0404e5037a1864ad2ee29d93af0f2153ab86fcfd95f3fcfc0ac7a5a5f377e64a

kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 2b9ebf4422bbe07421723786f97158a4c2231b2691cb1ca157078f48b12e410a

kernel-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: a82e6f11cb9fe4654deea5184c1f1c1fb246841cd4aa1d7b3c0f9fa2c8a43d9a

kernel-debuginfo-common-x86_64-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 17bcffee9d9f43b4f7c57f855b6f95ba3eac9b37181999221570ddc2fcc69da6

kernel-devel-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: e0b33105529a7039f5c39591d31c34eb861d95032067307214a4e60cf4694e81

kernel-headers-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: aaf0495c29ed7de3c0c9431fd12f960971b2cab9b47793c23827b7e7f4cbd467

kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 2e227c646cdca34fbf0faa5c274ca966184af27752be9378619d69481b096a0b

perf-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 148e0606215ba37981623f4343a008344dfc70b5f56331c80b127131dd157ed6

perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 9ed89c1eaece974f38a3d97bcb5e5fffe60c9a3c0c08dfecc9625f620362d8f1

python3-perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 4d21555912daa1354a981d6a1c9544c27602dd92aeb8a7a5c3b74ed3d161f9cf

Red Hat Enterprise Linux for x86_64 8

SRPM

kernel-4.18.0-348.23.1.el8_5.src.rpm

SHA-256: 384f8a36810ba232a22ad98432e6927182e5e3da259cf4b960a312452a93ca84

x86_64

bpftool-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 8d1560aae43846cb90959593d2d9ea6cb74df0e6ff7f83a0f388644ca717fe45

bpftool-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 0404e5037a1864ad2ee29d93af0f2153ab86fcfd95f3fcfc0ac7a5a5f377e64a

kernel-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: b1d239a8a4dcc28794da3353bfefc723eced265bdb871359971d36fd015f3d50

kernel-abi-stablelists-4.18.0-348.23.1.el8_5.noarch.rpm

SHA-256: e3394be4d3c9b961fec25c500e8d371e40102b69bb36871faf5e0c047738f50e

kernel-core-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 4197127baea9de95d0345314e85671aac1910d83872b174de1a2ddd603f1e0c5

kernel-cross-headers-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: a5fe29c61efde1db1ac58c80190240c11c6ac3ec19eb21f221ac8e36d9aa01fe

kernel-debug-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: c66b0f92d1f9396cd66e21aff89d00966804951f8eed723e587e29f207c524dc

kernel-debug-core-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 29745467d68563266b6b9864883bba4c73eacd66011cdd382839f0966582a6fc

kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 2b9ebf4422bbe07421723786f97158a4c2231b2691cb1ca157078f48b12e410a

kernel-debug-devel-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: d650ddcf0b12b85412567bf5726d8119d4d98d4630b3c869f1158de34ba458c3

kernel-debug-modules-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 4c74a31a4cd3326adae87600c0cf621d5924c7eb73fa495135107dac0115dd90

kernel-debug-modules-extra-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 1282a41bed5efb0a4908267af00544a48dd4dee81310b9ef47ae00a8e0a337ab

kernel-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: a82e6f11cb9fe4654deea5184c1f1c1fb246841cd4aa1d7b3c0f9fa2c8a43d9a

kernel-debuginfo-common-x86_64-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 17bcffee9d9f43b4f7c57f855b6f95ba3eac9b37181999221570ddc2fcc69da6

kernel-devel-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: e0b33105529a7039f5c39591d31c34eb861d95032067307214a4e60cf4694e81

kernel-doc-4.18.0-348.23.1.el8_5.noarch.rpm

SHA-256: 1d71b4db78b230cf76133e49ae5ef5e8e65ff6b4c8411a179faba8f95bd16762

kernel-headers-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: aaf0495c29ed7de3c0c9431fd12f960971b2cab9b47793c23827b7e7f4cbd467

kernel-modules-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 9844bc5389de3f6224d06bc0a0331257c75ce0554136458c8baae72c06ddbc3c

kernel-modules-extra-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 7258aaa1bb4bdab693eb3eb848c863ca15a4cc4b7d33c3abfab65a00b919d187

kernel-tools-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 5abf6573148c520ba792143c658ddd884aef747877a50d7f8c4a25fe020c993b

kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 2e227c646cdca34fbf0faa5c274ca966184af27752be9378619d69481b096a0b

kernel-tools-libs-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 12929d5210c39d749491b57a0779c0d83b0a8d13166711fd46d46d39c743f581

perf-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 148e0606215ba37981623f4343a008344dfc70b5f56331c80b127131dd157ed6

perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 9ed89c1eaece974f38a3d97bcb5e5fffe60c9a3c0c08dfecc9625f620362d8f1

python3-perf-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 95d321966ef347de4027b8bb26791f505fe03fbcef26bceea3d26bc17625b6a9

python3-perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 4d21555912daa1354a981d6a1c9544c27602dd92aeb8a7a5c3b74ed3d161f9cf

Red Hat Enterprise Linux for ARM 64 8

SRPM

kernel-4.18.0-348.23.1.el8_5.src.rpm

SHA-256: 384f8a36810ba232a22ad98432e6927182e5e3da259cf4b960a312452a93ca84

aarch64

bpftool-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 6bb5f543a780aec18b6666147b608b9f47ae6736fb4d2d5119494e191d2fead7

bpftool-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 33af0e1e51c1cdf4bc5929d19fc05e220a4c50710965df7ea0b4caf352326889

kernel-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 321dc864375d0ab3ae48680575d70991932e0d28f853834aa8e2727ba189365c

kernel-abi-stablelists-4.18.0-348.23.1.el8_5.noarch.rpm

SHA-256: e3394be4d3c9b961fec25c500e8d371e40102b69bb36871faf5e0c047738f50e

kernel-core-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 7121072049e6161743349f9c3867ca5fa6606be993d5e760d7e7709de8ad8491

kernel-cross-headers-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 9dd38e0fccdcd8a25c44e5356ea8421d9f4dc1391a3b4171804b40aa71c336b0

kernel-debug-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 3653381c5464182f00e5264744fa00a2843be2b93c8e77edfa6d8b5566789378

kernel-debug-core-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 009ea0bef49d9a3c9228598988f5690ea7906a3b38c76b178fa4709fadeb5ba3

kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: bf6ad79218378e4b5d895d64b148174dbd9d7b30ebbd494d92b14082b839c3b9

kernel-debug-devel-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 0e6ee4ee28bec2e3c89389bd1eee8c76f662cf7eda81bbb841a41c9364bf96bd

kernel-debug-modules-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: aed295f2585d311a9473f744086b1f22301b6e6cda1dd28f47c10d13549b039d

kernel-debug-modules-extra-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 40638b5cadedf1ce8e4445abea374816ae8807f013a5d61f959ff56d45a64644

kernel-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 0d646c225d245737c90c56de4f69c4073a190e29303c3ddce2dafde2e343fda6

kernel-debuginfo-common-aarch64-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: b229739a2cf97014317df993a486d6d83da3c8ead08ca65102285e88c96a6649

kernel-devel-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 48695ed2a9e770e31e43c185d7d1418690ab4aa4e93a8a3cff9c0a150eae71df

kernel-doc-4.18.0-348.23.1.el8_5.noarch.rpm

SHA-256: 1d71b4db78b230cf76133e49ae5ef5e8e65ff6b4c8411a179faba8f95bd16762

kernel-headers-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: e4c9c8d99fcb1c8a2ff2bcd34e65f6f7c548f94a771cb9bcdbd4ba106b5bae2f

kernel-modules-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 4eab27b76cca1c57cc4d6046b7aa6f7c7dda1bd491b5f03d0d400c998c99ed97

kernel-modules-extra-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: b62ea2d4dc85d618f728a2068c3d47a20078f18608c06227f6e52c81378df0bd

kernel-tools-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 492282e8ea59fb2c0322774a28aa4caeea92c4e121dc78118f9588a000ea4864

kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: d1806cc41b750347ba888f49ea6405a33e011c7426a8d92d397a72e3ae49cbb1

kernel-tools-libs-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 0c59a590099acde5957424f718556d0964a9f03e81ca27eb00d2c45dd83749c6

perf-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: ddb8b56aa8da9ffda9a60b4357f1a41ecf49dc1d3be2ada466eb29b40378538c

perf-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 721159ff0e22adaf5bad143b48a7274efc0a51ddb78c2593da6435fa92dbe89f

python3-perf-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: fb082d98cfd4f905dc4e006675d1bcfcb179b0ae8c0054096b96d7f2f2f0eebf

python3-perf-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: ceaa8db9200819a0fdee81de2be3d13b41f88ac9e42c3af03d8a3a34d73d855b

Red Hat CodeReady Linux Builder for x86_64 8

SRPM

x86_64

bpftool-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 0404e5037a1864ad2ee29d93af0f2153ab86fcfd95f3fcfc0ac7a5a5f377e64a

kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 2b9ebf4422bbe07421723786f97158a4c2231b2691cb1ca157078f48b12e410a

kernel-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: a82e6f11cb9fe4654deea5184c1f1c1fb246841cd4aa1d7b3c0f9fa2c8a43d9a

kernel-debuginfo-common-x86_64-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 17bcffee9d9f43b4f7c57f855b6f95ba3eac9b37181999221570ddc2fcc69da6

kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 2e227c646cdca34fbf0faa5c274ca966184af27752be9378619d69481b096a0b

kernel-tools-libs-devel-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 4bcd44b82f3c882849cf539ad598b22f3cf9b91c97e266d80d6963c9ef088444

perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 9ed89c1eaece974f38a3d97bcb5e5fffe60c9a3c0c08dfecc9625f620362d8f1

python3-perf-debuginfo-4.18.0-348.23.1.el8_5.x86_64.rpm

SHA-256: 4d21555912daa1354a981d6a1c9544c27602dd92aeb8a7a5c3b74ed3d161f9cf

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM

ppc64le

bpftool-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 27fece46877e387f47ccfa63d24a74f938f78f78843ce50e446ca5818dc4a212

kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: 946f016e0d29a6c6f2739b136af9fa1feef8b1eda257b3fb0782b27affa8f1df

kernel-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: d696029c965d0ea1efea484054e05946593afb4c450fd90fa70cadb3d5b1474f

kernel-debuginfo-common-ppc64le-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: b9a5c689a61d8e2f98b07110abddde8731c2944596e1187648cf472d626f9cdf

kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: d20d085384a640a63cdb71265b60924aa8b3a9cc6de2378a7b8265acfbfa83c1

kernel-tools-libs-devel-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: a714eeae1ecb530bcbe5e28a9c0c1173edf8d78ef6164792a897335b6d1c0434

perf-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: eec36008e665e44648789652fb4f436f06ea9bea06384e443a32f270fe2834f5

python3-perf-debuginfo-4.18.0-348.23.1.el8_5.ppc64le.rpm

SHA-256: c775711041d0a53ad7a89c6663bd02b10547d3c85a62f86299e9b943fb5163a2

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM

aarch64

bpftool-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 33af0e1e51c1cdf4bc5929d19fc05e220a4c50710965df7ea0b4caf352326889

kernel-debug-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: bf6ad79218378e4b5d895d64b148174dbd9d7b30ebbd494d92b14082b839c3b9

kernel-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 0d646c225d245737c90c56de4f69c4073a190e29303c3ddce2dafde2e343fda6

kernel-debuginfo-common-aarch64-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: b229739a2cf97014317df993a486d6d83da3c8ead08ca65102285e88c96a6649

kernel-tools-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: d1806cc41b750347ba888f49ea6405a33e011c7426a8d92d397a72e3ae49cbb1

kernel-tools-libs-devel-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 22fc7f168d3e6ba4dae635225c162e95dca556fa6cf4d2c87ba49bfc501b5e74

perf-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: 721159ff0e22adaf5bad143b48a7274efc0a51ddb78c2593da6435fa92dbe89f

python3-perf-debuginfo-4.18.0-348.23.1.el8_5.aarch64.rpm

SHA-256: ceaa8db9200819a0fdee81de2be3d13b41f88ac9e42c3af03d8a3a34d73d855b

Related news

CVE-2022-22323: IBM Security Identity Manager buffer overflow CVE-2022-22323 Vulnerability Report

IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 218379.

CVE-2021-38874: IBM QRadar information disclosure CVE-2021-38874 Vulnerability Report

IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access information across tenant and domain boundaries in some situations. IBM X-Force ID: 208397.

CVE-2021-38939: IBM QRadar information disclosure CVE-2021-38939 Vulnerability Report

IBM QRadar SIEM 7.3, 7.4, and 7.5 stores potentially sensitive information in log files that could be read by an user with access to creating domains. IBM X-Force ID: 211037.

CVE-2022-22345: IBM QRadar cross-site scripting CVE-2022-22345 Vulnerability Report

IBM QRadar 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 220041.

CVE-2022-22312: Security Bulletin: IBM Security Verify Password Synchronization Plug-in for Windows AD is vulnerable to a denial of service vulnerability (CVE-2022-22323, CVE-2022-22312)

IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 217369.

CVE-2022-24889: Build software better, together

Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 21.0.8, 22.2.4, and 23.0.1, it is possible to trick administrators into enabling "recommended" apps for the Nextcloud server that they do not need, thus expanding their attack surface unnecessarily. This issue is fixed in versions 21.0.8 , 22.2.4, and 23.0.1.

CVE-2022-27905: Security Advisory - State Farm

In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive (C:\) to exploit this.

CVE-2022-27239: Linux CIFS Utils and Samba - Free Knowledge Base

In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.

RHSA-2022:1628: Red Hat Security Advisory: web-admin-build security update

Updated web-admin-build packages are now available for Red Hat Gluster Storage 3.5 Web Administration on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-44716: golang: net/http: limit growth of header canonicalization cache

RHSA-2022:1626: Red Hat Security Advisory: Red Hat AMQ Broker 7.8.6 release and security update

Red Hat AMQ Broker 7.8.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-22965: spring-framework: RCE via Data Binding on JDK 9+

RHSA-2022:1627: Red Hat Security Advisory: Red Hat AMQ Broker 7.9.4 release and security update

Red Hat AMQ Broker 7.9.4 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-22965: spring-framework: RCE via Data Binding on JDK 9+

RHSA-2022:1420: Red Hat Security Advisory: OpenShift Container Platform 3.11.665 security and bug fix update

Red Hat OpenShift Container Platform release 3.11.665 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-43859: xstream: Injecting highly recursive collections or maps can cause a DoS * CVE-2022-25173: workflow-cps: OS command execution through crafted SCM contents * CVE-2022-25174: workflow-cps-global-lib: OS command execution through crafted SCM contents * CVE-2022-25175: wo...

RHSA-2022:1619: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS

RHSA-2022:1618: Red Hat Security Advisory: convert2rhel security update

A security update for convert2rhel is now available for unsupported conversions of CentOS Linux 6 and Oracle Linux 6 to Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0852: convert2rhel: Red Hat account password passed via command line by code

RHSA-2022:1617: Red Hat Security Advisory: convert2rhel security update

A security update for convert2rhel is now available for supported conversions of CentOS Linux 7 and Oracle Linux 7 to Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0852: convert2rhel: Red Hat account password passed via command line by code

RHSA-2022:1599: Red Hat Security Advisory: convert2rhel security update

A security update for convert2rhel is now available for supported conversions of CentOS Linux 8 and Oracle Linux 8 to Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0852: convert2rhel: Red Hat account password passed via command line by code

CVE-2022-27332: Security Advisory ZAA-2022-01 | Zammad

An access control issue in Zammad v5.0.3 allows attackers to write entries to the CTI caller log without authentication. This vulnerability can allow attackers to execute phishing attacks or cause a Denial of Service (DoS).

CVE-2022-27331: Security Advisory ZAA-2022-02 | Zammad

An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users.

CVE-2022-29701: Security Advisory ZAA-2022-04 | Zammad

A lack of rate limiting in the 'forgot password' feature of Zammad v5.1.0 allows attackers to send an excessive amount of reset requests for a legitimate user, leading to a possible Denial of Service (DoS) via a large amount of generated e-mail messages.

CVE-2022-28085: AddressSanitizer: heap-buffer-overflow in function pdf_write_names · Issue #480 · michaelrsweet/htmldoc

A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS).

CVE-2022-29700: Security Advisory ZAA-2022-03 | Zammad

A lack of password length restriction in Zammad v5.1.0 allows for the creation of extremely long passwords which can cause a Denial of Service (DoS) during password verification.

RHSA-2022:1546: Red Hat Security Advisory: polkit security update

An update for polkit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4115: polkit: file descriptor leak allows an unprivileged user to cause a crash

RHSA-2022:1552: Red Hat Security Advisory: vim security update

An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1154: vim: use after free in utf_ptr2char

RHSA-2022:1556: Red Hat Security Advisory: mariadb:10.3 security and bug fix update

An update for the mariadb:10.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-2154: mysql: Server: DML unspecified vulnerability (CPU Apr 2021) * CVE-2021-2166: mysql: Server: DML unspecified vulnerability (CPU Apr 2021) * CVE-2021-2372: mysql: InnoDB unspecified vulnerability (CPU Jul 2021) * CVE-2021-2389: mysql: InnoDB unspecified vulnerability (CPU Jul 2021) * CVE-2021-35604: mysql: InnoDB unspecified vulnerab...

RHSA-2022:1566: Red Hat Security Advisory: container-tools:2.0 security update

An update for the container-tools:2.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27649: podman: Default inheritable capabilities for linux container should be empty * CVE-2022-27651: buildah: Default inheritable capabilities for linux container should be empty

RHSA-2022:1565: Red Hat Security Advisory: container-tools:3.0 security and bug fix update

An update for the container-tools:3.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27649: podman: Default inheritable capabilities for linux container should be empty * CVE-2022-27651: buildah: Default inheritable capabilities for linux container should be empty

RHSA-2022:1535: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4028: kernel: use-after-free in RDMA listen() * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c

RHSA-2022:1592: Red Hat Security Advisory: gzip security update

An update for gzip is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1271: gzip: arbitrary-file-write vulnerability

RHSA-2022:1557: Red Hat Security Advisory: mariadb:10.5 security, bug fix, and enhancement update

An update for the mariadb:10.5 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-2154: mysql: Server: DML unspecified vulnerability (CPU Apr 2021) * CVE-2021-2166: mysql: Server: DML unspecified vulnerability (CPU Apr 2021) * CVE-2021-2372: mysql: InnoDB unspecified vulnerability (CPU Jul 2021) * CVE-2021-2389: mysql: InnoDB unspecified vulnerability (CPU Jul 2021) * CVE-2021-35604: mysql: InnoDB unspecified vulnerab...

RHSA-2022:1591: Red Hat Security Advisory: zlib security update

An update for zlib is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-25032: zlib: A flaw found in zlib when compressing (not decompressing) certain inputs

RHSA-2022:1555: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4028: kernel: use-after-free in RDMA listen() * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c

RHSA-2022:1589: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0435: kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS

RHSA-2022:1537: Red Hat Security Advisory: gzip security update

An update for gzip is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1271: gzip: arbitrary-file-write vulnerability

RHSA-2022:1540: Red Hat Security Advisory: xmlrpc-c security update

An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25235: expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution

RHSA-2022:1541: Red Hat Security Advisory: maven-shared-utils security update

An update for maven-shared-utils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-29599: maven-shared-utils: Command injection via Commandline class

RHSA-2022:1539: Red Hat Security Advisory: xmlrpc-c security update

An update for xmlrpc-c is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25235: expat: Malformed 2- and 3-byte UTF-8 sequences can lead to arbitrary code execution