RHSA-2023:4020: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.


Published:

2023-07-11

Updated:

2023-07-11

RHSA-2023:4020 - Security Advisory


Synopsis

Important: kernel security and bug fix update

Type / Severity

Security Advisory: Important


Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • The iscsi target deadlocks when the same host acts as an initiator to itself (i.e. connects via 127.0.0.1) (BZ#2184012)
  • Double free issue in filelayout_alloc_commit_info (BZ#2212887)
  • RHEL 7.2 XFS inode cluster corruption (BZ#2213362)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.
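Because the fix only takes effect once the new kernel is booted, a host can have the updated package installed and still be running the vulnerable kernel. The following POSIX shell check is an added example, not part of the advisory or of Red Hat tooling; it takes the fixed VERSION-RELEASE from the package list above and classifies a host as needing install, needing reboot, or patched. The `strip_arch` and `patch_state` helper names are this example's own.

```shell
#!/bin/sh
# Added example (not from the advisory): is the RHSA-2023:4020 kernel
# installed on a RHEL 7.4 AUS host, and is it the kernel actually running?
FIXED_KERNEL="3.10.0-693.111.1.el7"   # VERSION-RELEASE from the advisory's package list

# Print how $1 compares to $2 ("older", "equal" or "newer") using version sort,
# so 693.99.1 correctly sorts before 693.111.1 (plain string order would not).
vercmp() {
    if [ "$1" = "$2" ]; then
        echo equal
    else
        lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
        if [ "$lowest" = "$1" ]; then echo older; else echo newer; fi
    fi
}

# Drop the architecture suffix so `uname -r` output (e.g. ...el7.x86_64)
# is comparable with the rpm VERSION-RELEASE string (helper of this example).
strip_arch() {
    printf '%s\n' "$1" | sed -e 's/\.x86_64$//' -e 's/\.noarch$//'
}

# $1 = newest installed kernel (VERSION-RELEASE), $2 = running kernel (uname -r).
# Prints one of: install-needed, reboot-needed, patched.
patch_state() {
    installed=$1
    running=$(strip_arch "$2")
    if [ "$(vercmp "$installed" "$FIXED_KERNEL")" = older ]; then
        echo install-needed          # no kernel at or above the fixed release on disk
    elif [ "$(vercmp "$running" "$FIXED_KERNEL")" = older ]; then
        echo reboot-needed           # fixed package present, vulnerable kernel still running
    else
        echo patched
    fi
}

# Live check when run on a real RPM-based host; skipped elsewhere.
if command -v rpm >/dev/null 2>&1 && rpm -q kernel >/dev/null 2>&1; then
    newest=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel | sort -V | tail -n 1)
    echo "installed=$newest running=$(uname -r) state=$(patch_state "$newest" "$(uname -r)")"
fi
```

Hosts on a later AUS kernel than 693.111.1 are reported as patched as well, since the comparison is "at or above the fixed release", not equality.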

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.4 x86_64

Fixes

  • BZ - 2150999 - CVE-2022-3564 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c

Red Hat Enterprise Linux Server - AUS 7.4

SRPM

  • kernel-3.10.0-693.111.1.el7.src.rpm (SHA-256: 0ae0a81f0f73188cf4c17cce13d94cdac9a1dffb28f0f1646a5ce6e029c430b7)

x86_64

  • kernel-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 857b0ed4fe3b7ec848272d088952358bf08f55077c6ab2554742a8e8ee27fc41)
  • kernel-abi-whitelists-3.10.0-693.111.1.el7.noarch.rpm (SHA-256: 9ee665d7eff027fa526e57452644b168cf1cfccc0026d36107faa418cb330d8c)
  • kernel-debug-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: adf19c7faf48f1868470b55c683e9686e05c1d7cf78288cff5bd541a6828fe3c)
  • kernel-debug-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 5f361d3aa297fce0b9790512cb56a524589e342ce9afc1c079481ccdbfba97c4)
  • kernel-debug-devel-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 9a51d12380a4b58eabd1bbc7ca128426a87309f9bae43c07c3847b1241d97ccc)
  • kernel-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 5b97d8e10841f474b54f08d579eed3c081914154e91b93b7eddd29d3a0319149)
  • kernel-debuginfo-common-x86_64-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 316d2d2b8e2ad7cfc73e7342399e20e34b44678bad40ba5c5f913fffbd2fcf95)
  • kernel-devel-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 0049e8b279ac7f540731fbc163d4de629b07f70b75fbd5867812e5e712e5a716)
  • kernel-doc-3.10.0-693.111.1.el7.noarch.rpm (SHA-256: 1c7bb46793838249a5fd2a5ca38a38caccce452f666aa2dcc1f404be9f2cf032)
  • kernel-headers-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 6ac96b51f9edfe6db37358644450ff9cf8e9d9979ddef58a9546075effccd7d6)
  • kernel-tools-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: ba9e4fd6d6c809f1df2d17162281952cdbcbd8fddb9d924c9b98b871d21c11bd)
  • kernel-tools-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 8c88dd8c49e4cc249e933b75ff33b92ee2f3777911ad450107c1d8dda66c053c)
  • kernel-tools-libs-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 26c3a3969c4a9dd4322a97eb1df9686fcb6369fc0ad11e1cddcae1d42026d3ae)
  • kernel-tools-libs-devel-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 3f56356fe489cd32b106f37ca7362ea87bc430caee51d3507cc253dbfbd62a6e)
  • perf-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: abec6acc3a278931a0ded385777a894e727f1acdff7083c19ba24c23ebae1fda)
  • perf-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 1e464f85268b2925c02b2bc6b2ec26f810e0132705748c58029a4cc05090e60e)
  • python-perf-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: 6e503d1cf27ee0b0d0614a501d7a824ddeca832f463c4de0a28e318cd839b4ff)
  • python-perf-debuginfo-3.10.0-693.111.1.el7.x86_64.rpm (SHA-256: a22f96f2452c42f92f5c8887694dd942fb833ccf8b1998efbf3537907fd68def)

The Red Hat Security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

RHSA-2023:4151: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.

Red Hat Security Advisory 2023-3491-01

Red Hat Security Advisory 2023-3491-01 - An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-3431-01

Red Hat Security Advisory 2023-3431-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

RHSA-2023:3278: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.

RHSA-2023:3277: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows...

Red Hat Security Advisory 2023-1560-01

Red Hat Security Advisory 2023-1560-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-1251-01

Red Hat Security Advisory 2023-1251-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

Ubuntu Security Notice USN-5754-2

Ubuntu Security Notice 5754-2 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-5757-2

Ubuntu Security Notice 5757-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5756-1

Ubuntu Security Notice 5756-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-5754-1

Ubuntu Security Notice 5754-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.