Headline
RHSA-2023:3490: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system.
- CVE-2023-2008: A flaw was found in the Linux kernel’s udmabuf device driver, within a fault handler. This issue occurs due to the lack of proper validation of user-supplied data, which can result in memory access past the end of an array. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.
- CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially escalate their privileges on the system.
Synopsis
Important: kpatch-patch security update
Type / Sévérité
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Sujet
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)
- kernel: udmabuf: improper validation of array index leading to local privilege escalation (CVE-2023-2008)
- kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Produits concernés
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
Correctifs
- BZ - 2176192 - CVE-2023-0461 kernel: net/ulp: use-after-free in listening ULP sockets
- BZ - 2186862 - CVE-2023-2008 kernel: udmabuf: improper validation of array index leading to local privilege escalation
- BZ - 2196105 - CVE-2023-32233 kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation
CVE
- CVE-2023-0461
- CVE-2023-2008
- CVE-2023-32233
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
SRPM
kpatch-patch-5_14_0-70_30_1-1-6.el9_0.src.rpm
SHA-256: fc16870d91df7e92dd9991f410cef9187408238482e04df2f6068494b25f5509
kpatch-patch-5_14_0-70_36_1-1-5.el9_0.src.rpm
SHA-256: 1576beb25bc0457f89f094346800b28b0900f0529ac14d5193bf25a901af92a3
kpatch-patch-5_14_0-70_43_1-1-4.el9_0.src.rpm
SHA-256: 91d8edb0bc5b36156bdb7e798286d942545b89b5dc9ce1385782abd76ce52b6a
kpatch-patch-5_14_0-70_49_1-1-3.el9_0.src.rpm
SHA-256: 77982f6bb05b96f8a1168ab13c0cace60f299ab810c9dc1e95987cd9aedda39b
kpatch-patch-5_14_0-70_50_2-1-2.el9_0.src.rpm
SHA-256: 57938c01a10d4263002512a1ebfe2f5e8161b2ce484dddcc43c1cdfd5dca14ec
kpatch-patch-5_14_0-70_53_1-1-1.el9_0.src.rpm
SHA-256: fef1f36d013d3de64bd4ee3a9c71a61cf8be8fa4a367a9c1c58c5cc097ead3ce
x86_64
kpatch-patch-5_14_0-70_30_1-1-6.el9_0.x86_64.rpm
SHA-256: 002c7f6508e4c6fa78f56f64b9cad189642fce4cfd04d9f3798685de467cc515
kpatch-patch-5_14_0-70_30_1-debuginfo-1-6.el9_0.x86_64.rpm
SHA-256: 60cb4a337036c4c2c4acb92390eae107ed4ca3cb62e74762b63302116797bf3e
kpatch-patch-5_14_0-70_30_1-debugsource-1-6.el9_0.x86_64.rpm
SHA-256: 1d36e44497a2e4733e53b4551f87cb961cfa42ef88c14e3d22b73d8decdfb75b
kpatch-patch-5_14_0-70_36_1-1-5.el9_0.x86_64.rpm
SHA-256: 2c5c79a9483a1f5cdd30a2c393ceb1e8e89075df38f714e40ce379631be82281
kpatch-patch-5_14_0-70_36_1-debuginfo-1-5.el9_0.x86_64.rpm
SHA-256: 240b3920979e644d140cb9ce02cf9eb160810d6ba5bc82d7ed21cfc30efceab7
kpatch-patch-5_14_0-70_36_1-debugsource-1-5.el9_0.x86_64.rpm
SHA-256: 3ed7957187b05c19eb20ebdeb055b2e9690448dccab6fdb9eb7628f139878da8
kpatch-patch-5_14_0-70_43_1-1-4.el9_0.x86_64.rpm
SHA-256: d95f0acb2dad23641d20f447050e202195549a7e476a8245638da3609a979c1d
kpatch-patch-5_14_0-70_43_1-debuginfo-1-4.el9_0.x86_64.rpm
SHA-256: f998e2e406eedb4c2a0ba0669cb6cf7f960303898d77afa5887490988280baaa
kpatch-patch-5_14_0-70_43_1-debugsource-1-4.el9_0.x86_64.rpm
SHA-256: 02768841608074c47130fda2c46270056f863aade2a1fd89c6e449bbd898a0ec
kpatch-patch-5_14_0-70_49_1-1-3.el9_0.x86_64.rpm
SHA-256: 2f470000a46520941f4a0d94e9447bb483004da275e1eb84cf2da2dce052132a
kpatch-patch-5_14_0-70_49_1-debuginfo-1-3.el9_0.x86_64.rpm
SHA-256: 7672cf9a86f66853066ba932960012c7fd1779aec3037c247f91469471d270a5
kpatch-patch-5_14_0-70_49_1-debugsource-1-3.el9_0.x86_64.rpm
SHA-256: 98fbb0f08417855f29b19e5168adead1a9f4f4ac7e8469396b8de9e60af1625a
kpatch-patch-5_14_0-70_50_2-1-2.el9_0.x86_64.rpm
SHA-256: 7ecbafb1fb0c7f435d8595711cf01833f4e1cd027033c1815ba328aba1a6edf9
kpatch-patch-5_14_0-70_50_2-debuginfo-1-2.el9_0.x86_64.rpm
SHA-256: 1a349f384cd1fe2004121f6f707f2f5b8fe615ab2ccb21968fef7f759fccf0b2
kpatch-patch-5_14_0-70_50_2-debugsource-1-2.el9_0.x86_64.rpm
SHA-256: 665b8c34110814a391a306ffd0072f09bd07746a82e7ec5a9e4086463fd32658
kpatch-patch-5_14_0-70_53_1-1-1.el9_0.x86_64.rpm
SHA-256: 076ac26dfc3e64066d217175723d53d2b5d723b7854c355ebfc87762f405a88f
kpatch-patch-5_14_0-70_53_1-debuginfo-1-1.el9_0.x86_64.rpm
SHA-256: cb1cc1f99194cfbbaa38955f1661482cbfd060214dc054361fa782cb3fad0f4d
kpatch-patch-5_14_0-70_53_1-debugsource-1-1.el9_0.x86_64.rpm
SHA-256: 7d730ca587658c22ba53b0b7be0a657b605618ee277b07d5771c9d382cb328e1
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
SRPM
kpatch-patch-5_14_0-70_30_1-1-6.el9_0.src.rpm
SHA-256: fc16870d91df7e92dd9991f410cef9187408238482e04df2f6068494b25f5509
kpatch-patch-5_14_0-70_36_1-1-5.el9_0.src.rpm
SHA-256: 1576beb25bc0457f89f094346800b28b0900f0529ac14d5193bf25a901af92a3
kpatch-patch-5_14_0-70_43_1-1-4.el9_0.src.rpm
SHA-256: 91d8edb0bc5b36156bdb7e798286d942545b89b5dc9ce1385782abd76ce52b6a
kpatch-patch-5_14_0-70_49_1-1-3.el9_0.src.rpm
SHA-256: 77982f6bb05b96f8a1168ab13c0cace60f299ab810c9dc1e95987cd9aedda39b
kpatch-patch-5_14_0-70_50_2-1-2.el9_0.src.rpm
SHA-256: 57938c01a10d4263002512a1ebfe2f5e8161b2ce484dddcc43c1cdfd5dca14ec
kpatch-patch-5_14_0-70_53_1-1-1.el9_0.src.rpm
SHA-256: fef1f36d013d3de64bd4ee3a9c71a61cf8be8fa4a367a9c1c58c5cc097ead3ce
ppc64le
kpatch-patch-5_14_0-70_30_1-1-6.el9_0.ppc64le.rpm
SHA-256: 2029d5af4e4348053a3ce4f5014e07ed5be6afc90290896b7f696d318997d745
kpatch-patch-5_14_0-70_30_1-debuginfo-1-6.el9_0.ppc64le.rpm
SHA-256: c3b5a398aec80db8eaa73364ac4a051560d783c303762f6c32977d8f46e5b61a
kpatch-patch-5_14_0-70_30_1-debugsource-1-6.el9_0.ppc64le.rpm
SHA-256: d9cbdba8aebf77fa65a5e58827c27460d853a0097a78237afb615e996dafc3f3
kpatch-patch-5_14_0-70_36_1-1-5.el9_0.ppc64le.rpm
SHA-256: 2bf3335819a123c8505400c708c4744c79300667f4d77e5d60acb4ae1437aa8c
kpatch-patch-5_14_0-70_36_1-debuginfo-1-5.el9_0.ppc64le.rpm
SHA-256: aa568df88733afa99b774e1defeb4379162cd18ee0227f1c8ac63a4d2870453e
kpatch-patch-5_14_0-70_36_1-debugsource-1-5.el9_0.ppc64le.rpm
SHA-256: 5f9ade690310dea8fb66703734b942c95559ea21132b52a15192561e69ed209b
kpatch-patch-5_14_0-70_43_1-1-4.el9_0.ppc64le.rpm
SHA-256: cb5ebffa7f1f2969a6268cf1156cd026420a8377e9ab929d33e43f7d73d5de0e
kpatch-patch-5_14_0-70_43_1-debuginfo-1-4.el9_0.ppc64le.rpm
SHA-256: 5b63c05c21dd96dde8524b010b6d0f9ab3064d9693f3bc27111c3a2bc493656d
kpatch-patch-5_14_0-70_43_1-debugsource-1-4.el9_0.ppc64le.rpm
SHA-256: f1a6d97181ba12639988c638133c4681a3f6709e75d0b1414f48ec602924fa6f
kpatch-patch-5_14_0-70_49_1-1-3.el9_0.ppc64le.rpm
SHA-256: 57e4611eca8f9fe26767c5dca6b58ea51d4ce446247af468d0db7009501779b9
kpatch-patch-5_14_0-70_49_1-debuginfo-1-3.el9_0.ppc64le.rpm
SHA-256: c3fad3ea303d46fe8c35e807d98687d41c11dc42fe62a7303f5848685a377fa2
kpatch-patch-5_14_0-70_49_1-debugsource-1-3.el9_0.ppc64le.rpm
SHA-256: e418b2e6a69212d5eb676a68e639dfab75c1c1f2b7801966254359f5dac19e15
kpatch-patch-5_14_0-70_50_2-1-2.el9_0.ppc64le.rpm
SHA-256: 0f049ff810c3f18f6b6342aa839107115814a4aaf85c03f6912b43a6a0797c2e
kpatch-patch-5_14_0-70_50_2-debuginfo-1-2.el9_0.ppc64le.rpm
SHA-256: 5e4fd27047a227f1dc0b85b006087a421a2f88f5a4fef7d546b015ebe3359b25
kpatch-patch-5_14_0-70_50_2-debugsource-1-2.el9_0.ppc64le.rpm
SHA-256: 937544f24e0320b637917a3c552a0aadb7e3996eb0cfad5cbe0f85c3cfadeac1
kpatch-patch-5_14_0-70_53_1-1-1.el9_0.ppc64le.rpm
SHA-256: 3aa2f2f7a5f8bbee1bbb24dd30b64a5273532e0fc4d9665ebf925a956e38b076
kpatch-patch-5_14_0-70_53_1-debuginfo-1-1.el9_0.ppc64le.rpm
SHA-256: 44f1f5fb95de65cea5d83c6c524e9813a9a66ced891fabbc85aabc30204b0ae1
kpatch-patch-5_14_0-70_53_1-debugsource-1-1.el9_0.ppc64le.rpm
SHA-256: 05258cb994a90c11fd95b2572152754d42f173696e0e16b0969939f171938b4e
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
SRPM
kpatch-patch-5_14_0-70_30_1-1-6.el9_0.src.rpm
SHA-256: fc16870d91df7e92dd9991f410cef9187408238482e04df2f6068494b25f5509
kpatch-patch-5_14_0-70_36_1-1-5.el9_0.src.rpm
SHA-256: 1576beb25bc0457f89f094346800b28b0900f0529ac14d5193bf25a901af92a3
kpatch-patch-5_14_0-70_43_1-1-4.el9_0.src.rpm
SHA-256: 91d8edb0bc5b36156bdb7e798286d942545b89b5dc9ce1385782abd76ce52b6a
kpatch-patch-5_14_0-70_49_1-1-3.el9_0.src.rpm
SHA-256: 77982f6bb05b96f8a1168ab13c0cace60f299ab810c9dc1e95987cd9aedda39b
kpatch-patch-5_14_0-70_50_2-1-2.el9_0.src.rpm
SHA-256: 57938c01a10d4263002512a1ebfe2f5e8161b2ce484dddcc43c1cdfd5dca14ec
kpatch-patch-5_14_0-70_53_1-1-1.el9_0.src.rpm
SHA-256: fef1f36d013d3de64bd4ee3a9c71a61cf8be8fa4a367a9c1c58c5cc097ead3ce
ppc64le
kpatch-patch-5_14_0-70_30_1-1-6.el9_0.ppc64le.rpm
SHA-256: 2029d5af4e4348053a3ce4f5014e07ed5be6afc90290896b7f696d318997d745
kpatch-patch-5_14_0-70_30_1-debuginfo-1-6.el9_0.ppc64le.rpm
SHA-256: c3b5a398aec80db8eaa73364ac4a051560d783c303762f6c32977d8f46e5b61a
kpatch-patch-5_14_0-70_30_1-debugsource-1-6.el9_0.ppc64le.rpm
SHA-256: d9cbdba8aebf77fa65a5e58827c27460d853a0097a78237afb615e996dafc3f3
kpatch-patch-5_14_0-70_36_1-1-5.el9_0.ppc64le.rpm
SHA-256: 2bf3335819a123c8505400c708c4744c79300667f4d77e5d60acb4ae1437aa8c
kpatch-patch-5_14_0-70_36_1-debuginfo-1-5.el9_0.ppc64le.rpm
SHA-256: aa568df88733afa99b774e1defeb4379162cd18ee0227f1c8ac63a4d2870453e
kpatch-patch-5_14_0-70_36_1-debugsource-1-5.el9_0.ppc64le.rpm
SHA-256: 5f9ade690310dea8fb66703734b942c95559ea21132b52a15192561e69ed209b
kpatch-patch-5_14_0-70_43_1-1-4.el9_0.ppc64le.rpm
SHA-256: cb5ebffa7f1f2969a6268cf1156cd026420a8377e9ab929d33e43f7d73d5de0e
kpatch-patch-5_14_0-70_43_1-debuginfo-1-4.el9_0.ppc64le.rpm
SHA-256: 5b63c05c21dd96dde8524b010b6d0f9ab3064d9693f3bc27111c3a2bc493656d
kpatch-patch-5_14_0-70_43_1-debugsource-1-4.el9_0.ppc64le.rpm
SHA-256: f1a6d97181ba12639988c638133c4681a3f6709e75d0b1414f48ec602924fa6f
kpatch-patch-5_14_0-70_49_1-1-3.el9_0.ppc64le.rpm
SHA-256: 57e4611eca8f9fe26767c5dca6b58ea51d4ce446247af468d0db7009501779b9
kpatch-patch-5_14_0-70_49_1-debuginfo-1-3.el9_0.ppc64le.rpm
SHA-256: c3fad3ea303d46fe8c35e807d98687d41c11dc42fe62a7303f5848685a377fa2
kpatch-patch-5_14_0-70_49_1-debugsource-1-3.el9_0.ppc64le.rpm
SHA-256: e418b2e6a69212d5eb676a68e639dfab75c1c1f2b7801966254359f5dac19e15
kpatch-patch-5_14_0-70_50_2-1-2.el9_0.ppc64le.rpm
SHA-256: 0f049ff810c3f18f6b6342aa839107115814a4aaf85c03f6912b43a6a0797c2e
kpatch-patch-5_14_0-70_50_2-debuginfo-1-2.el9_0.ppc64le.rpm
SHA-256: 5e4fd27047a227f1dc0b85b006087a421a2f88f5a4fef7d546b015ebe3359b25
kpatch-patch-5_14_0-70_50_2-debugsource-1-2.el9_0.ppc64le.rpm
SHA-256: 937544f24e0320b637917a3c552a0aadb7e3996eb0cfad5cbe0f85c3cfadeac1
kpatch-patch-5_14_0-70_53_1-1-1.el9_0.ppc64le.rpm
SHA-256: 3aa2f2f7a5f8bbee1bbb24dd30b64a5273532e0fc4d9665ebf925a956e38b076
kpatch-patch-5_14_0-70_53_1-debuginfo-1-1.el9_0.ppc64le.rpm
SHA-256: 44f1f5fb95de65cea5d83c6c524e9813a9a66ced891fabbc85aabc30204b0ae1
kpatch-patch-5_14_0-70_53_1-debugsource-1-1.el9_0.ppc64le.rpm
SHA-256: 05258cb994a90c11fd95b2572152754d42f173696e0e16b0969939f171938b4e
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
SRPM
kpatch-patch-5_14_0-70_30_1-1-6.el9_0.src.rpm
SHA-256: fc16870d91df7e92dd9991f410cef9187408238482e04df2f6068494b25f5509
kpatch-patch-5_14_0-70_36_1-1-5.el9_0.src.rpm
SHA-256: 1576beb25bc0457f89f094346800b28b0900f0529ac14d5193bf25a901af92a3
kpatch-patch-5_14_0-70_43_1-1-4.el9_0.src.rpm
SHA-256: 91d8edb0bc5b36156bdb7e798286d942545b89b5dc9ce1385782abd76ce52b6a
kpatch-patch-5_14_0-70_49_1-1-3.el9_0.src.rpm
SHA-256: 77982f6bb05b96f8a1168ab13c0cace60f299ab810c9dc1e95987cd9aedda39b
kpatch-patch-5_14_0-70_50_2-1-2.el9_0.src.rpm
SHA-256: 57938c01a10d4263002512a1ebfe2f5e8161b2ce484dddcc43c1cdfd5dca14ec
kpatch-patch-5_14_0-70_53_1-1-1.el9_0.src.rpm
SHA-256: fef1f36d013d3de64bd4ee3a9c71a61cf8be8fa4a367a9c1c58c5cc097ead3ce
x86_64
kpatch-patch-5_14_0-70_30_1-1-6.el9_0.x86_64.rpm
SHA-256: 002c7f6508e4c6fa78f56f64b9cad189642fce4cfd04d9f3798685de467cc515
kpatch-patch-5_14_0-70_30_1-debuginfo-1-6.el9_0.x86_64.rpm
SHA-256: 60cb4a337036c4c2c4acb92390eae107ed4ca3cb62e74762b63302116797bf3e
kpatch-patch-5_14_0-70_30_1-debugsource-1-6.el9_0.x86_64.rpm
SHA-256: 1d36e44497a2e4733e53b4551f87cb961cfa42ef88c14e3d22b73d8decdfb75b
kpatch-patch-5_14_0-70_36_1-1-5.el9_0.x86_64.rpm
SHA-256: 2c5c79a9483a1f5cdd30a2c393ceb1e8e89075df38f714e40ce379631be82281
kpatch-patch-5_14_0-70_36_1-debuginfo-1-5.el9_0.x86_64.rpm
SHA-256: 240b3920979e644d140cb9ce02cf9eb160810d6ba5bc82d7ed21cfc30efceab7
kpatch-patch-5_14_0-70_36_1-debugsource-1-5.el9_0.x86_64.rpm
SHA-256: 3ed7957187b05c19eb20ebdeb055b2e9690448dccab6fdb9eb7628f139878da8
kpatch-patch-5_14_0-70_43_1-1-4.el9_0.x86_64.rpm
SHA-256: d95f0acb2dad23641d20f447050e202195549a7e476a8245638da3609a979c1d
kpatch-patch-5_14_0-70_43_1-debuginfo-1-4.el9_0.x86_64.rpm
SHA-256: f998e2e406eedb4c2a0ba0669cb6cf7f960303898d77afa5887490988280baaa
kpatch-patch-5_14_0-70_43_1-debugsource-1-4.el9_0.x86_64.rpm
SHA-256: 02768841608074c47130fda2c46270056f863aade2a1fd89c6e449bbd898a0ec
kpatch-patch-5_14_0-70_49_1-1-3.el9_0.x86_64.rpm
SHA-256: 2f470000a46520941f4a0d94e9447bb483004da275e1eb84cf2da2dce052132a
kpatch-patch-5_14_0-70_49_1-debuginfo-1-3.el9_0.x86_64.rpm
SHA-256: 7672cf9a86f66853066ba932960012c7fd1779aec3037c247f91469471d270a5
kpatch-patch-5_14_0-70_49_1-debugsource-1-3.el9_0.x86_64.rpm
SHA-256: 98fbb0f08417855f29b19e5168adead1a9f4f4ac7e8469396b8de9e60af1625a
kpatch-patch-5_14_0-70_50_2-1-2.el9_0.x86_64.rpm
SHA-256: 7ecbafb1fb0c7f435d8595711cf01833f4e1cd027033c1815ba328aba1a6edf9
kpatch-patch-5_14_0-70_50_2-debuginfo-1-2.el9_0.x86_64.rpm
SHA-256: 1a349f384cd1fe2004121f6f707f2f5b8fe615ab2ccb21968fef7f759fccf0b2
kpatch-patch-5_14_0-70_50_2-debugsource-1-2.el9_0.x86_64.rpm
SHA-256: 665b8c34110814a391a306ffd0072f09bd07746a82e7ec5a9e4086463fd32658
kpatch-patch-5_14_0-70_53_1-1-1.el9_0.x86_64.rpm
SHA-256: 076ac26dfc3e64066d217175723d53d2b5d723b7854c355ebfc87762f405a88f
kpatch-patch-5_14_0-70_53_1-debuginfo-1-1.el9_0.x86_64.rpm
SHA-256: cb1cc1f99194cfbbaa38955f1661482cbfd060214dc054361fa782cb3fad0f4d
kpatch-patch-5_14_0-70_53_1-debugsource-1-1.el9_0.x86_64.rpm
SHA-256: 7d730ca587658c22ba53b0b7be0a657b605618ee277b07d5771c9d382cb328e1
Related news
Red Hat Security Advisory 2023-5622-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include memory leak, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5419-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20593: A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configurat...
Red Hat Security Advisory 2023-4664-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.3 images. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-4262-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat OpenShift Container Platform release 4.11.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21235: A flaw was found in the VCS package, caused by improper validation of user-supplied input. By using a specially-crafted argument, a remote attacker could execute arbitrary commands o...
Red Hat Security Advisory 2023-4126-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4130-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kpatch-patch-4_18_0-193_100_1, kpatch-patch-4_18_0-193_105_1, kpatch-patch-4_18_0-193_95_1, and kpatch-patch-4_18_0-193_98_1 is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user...
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local ...
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A use-afte...
Red Hat Security Advisory 2023-3723-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3708-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3705-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Ubuntu Security Notice 6175-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6149-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Red Hat Security Advisory 2023-3490-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3465-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3470-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-2008: A flaw was found in the Linux kernel's udm...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-2008: A flaw was found in the Linux kernel's udm...
Ubuntu Security Notice 6135-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Red Hat Security Advisory 2023-3349-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Ubuntu Security Notice 6132-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6131-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6124-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially...
Red Hat Security Advisory 2023-3191-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include denial of service and use-after-free vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-1390: A remote denial of service vu...
Debian Linux Security Advisory 5402-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user to crash or potentially escalate their privileges on the system.
A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel.
Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the Upper Level Protocol (ULP) subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Ubuntu Security Notice 5951-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 5927-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 5924-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 5917-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5915-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation does not require any privilege. There is a use-after-free bug of icsk_ulp_data of a struct inet_connection_sock. When CONFIG_TLS is enabled, user can install a tls context (struct tls_context) on a connected tcp socket. The context is not cleared if this socket is disconnected and reused as a listener. If a new socket is created from the listener, the context is inherited and vulnerable. The setsockopt TCP_ULP operation does not require any privilege. We recommend upgrading past commit 2c02d41d71f90a5168391b6a5f2954112ba2307c