Headline
RHSA-2023:4020: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Quarkus
Integration and Automation
All Products
Publié :
2023-07-11
Mis à jour :
2023-07-11
RHSA-2023:4020 - Security Advisory
- Aperçu général
- Paquets mis à jour
Synopsis
Important: kernel security and bug fix update
Type / Sévérité
Security Advisory: Important
Analyse des correctifs dans Red Hat Insights
Identifiez et remédiez aux systèmes concernés par cette alerte.
Voir les systèmes concernés
Sujet
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- The iscsi target deadlocks when the same host acts as an initiator to itself (i.e. connects via 127.0.0.1) (BZ#2184012)
- Double free issue in filelayout_alloc_commit_info (BZ#2212887)
- RHEL 7.2 XFS inode cluster corruption (BZ#2213362)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Produits concernés
- Red Hat Enterprise Linux Server - AUS 7.4 x86_64
Correctifs
- BZ - 2150999 - CVE-2022-3564 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c
Red Hat Enterprise Linux Server - AUS 7.4
SRPM
kernel-3.10.0-693.111.1.el7.src.rpm
SHA-256: 0ae0a81f0f73188cf4c17cce13d94cdac9a1dffb28f0f1646a5ce6e029c430b7
x86_64
kernel-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 857b0ed4fe3b7ec848272d088952358bf08f55077c6ab2554742a8e8ee27fc41
kernel-abi-whitelists-3.10.0-693.111.1.el7.noarch.rpm
SHA-256: 9ee665d7eff027fa526e57452644b168cf1cfccc0026d36107faa418cb330d8c
kernel-debug-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: adf19c7faf48f1868470b55c683e9686e05c1d7cf78288cff5bd541a6828fe3c
kernel-debug-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 5f361d3aa297fce0b9790512cb56a524589e342ce9afc1c079481ccdbfba97c4
kernel-debug-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 5f361d3aa297fce0b9790512cb56a524589e342ce9afc1c079481ccdbfba97c4
kernel-debug-devel-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 9a51d12380a4b58eabd1bbc7ca128426a87309f9bae43c07c3847b1241d97ccc
kernel-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 5b97d8e10841f474b54f08d579eed3c081914154e91b93b7eddd29d3a0319149
kernel-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 5b97d8e10841f474b54f08d579eed3c081914154e91b93b7eddd29d3a0319149
kernel-debuginfo-common-x86_64-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 316d2d2b8e2ad7cfc73e7342399e20e34b44678bad40ba5c5f913fffbd2fcf95
kernel-debuginfo-common-x86_64-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 316d2d2b8e2ad7cfc73e7342399e20e34b44678bad40ba5c5f913fffbd2fcf95
kernel-devel-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 0049e8b279ac7f540731fbc163d4de629b07f70b75fbd5867812e5e712e5a716
kernel-doc-3.10.0-693.111.1.el7.noarch.rpm
SHA-256: 1c7bb46793838249a5fd2a5ca38a38caccce452f666aa2dcc1f404be9f2cf032
kernel-headers-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 6ac96b51f9edfe6db37358644450ff9cf8e9d9979ddef58a9546075effccd7d6
kernel-tools-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: ba9e4fd6d6c809f1df2d17162281952cdbcbd8fddb9d924c9b98b871d21c11bd
kernel-tools-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 8c88dd8c49e4cc249e933b75ff33b92ee2f3777911ad450107c1d8dda66c053c
kernel-tools-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 8c88dd8c49e4cc249e933b75ff33b92ee2f3777911ad450107c1d8dda66c053c
kernel-tools-libs-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 26c3a3969c4a9dd4322a97eb1df9686fcb6369fc0ad11e1cddcae1d42026d3ae
kernel-tools-libs-devel-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 3f56356fe489cd32b106f37ca7362ea87bc430caee51d3507cc253dbfbd62a6e
perf-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: abec6acc3a278931a0ded385777a894e727f1acdff7083c19ba24c23ebae1fda
perf-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 1e464f85268b2925c02b2bc6b2ec26f810e0132705748c58029a4cc05090e60e
perf-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 1e464f85268b2925c02b2bc6b2ec26f810e0132705748c58029a4cc05090e60e
python-perf-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: 6e503d1cf27ee0b0d0614a501d7a824ddeca832f463c4de0a28e318cd839b4ff
python-perf-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: a22f96f2452c42f92f5c8887694dd942fb833ccf8b1998efbf3537907fd68def
python-perf-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm
SHA-256: a22f96f2452c42f92f5c8887694dd942fb833ccf8b1998efbf3537907fd68def
Le contact Red Hat Security est [email protected]. Plus d’infos contact à https://access.redhat.com/security/team/contact/.
Related news
An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.
Red Hat Security Advisory 2023-3491-01 - An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-3431-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows...
Red Hat Security Advisory 2023-1560-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-1251-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Ubuntu Security Notice 5754-2 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 5757-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5756-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 5754-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.