RHSA-2022:6875: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
Red Hat Security Data
Issued:

2022-10-11

Updated:

2022-10-11

RHSA-2022:6875 - Security Advisory

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Topic

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM

  • kpatch-patch-4_18_0-147_64_1-1-4.el8_1.src.rpm
  • kpatch-patch-4_18_0-147_65_1-1-3.el8_1.src.rpm
  • kpatch-patch-4_18_0-147_67_1-1-2.el8_1.src.rpm
  • kpatch-patch-4_18_0-147_70_1-1-1.el8_1.src.rpm
  • kpatch-patch-4_18_0-147_74_1-1-1.el8_1.src.rpm

ppc64le

  • kpatch-patch-4_18_0-147_64_1-1-4.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_64_1-debuginfo-1-4.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_64_1-debugsource-1-4.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_65_1-1-3.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_65_1-debuginfo-1-3.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_65_1-debugsource-1-3.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_67_1-1-2.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_67_1-debuginfo-1-2.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_67_1-debugsource-1-2.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_70_1-1-1.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_70_1-debuginfo-1-1.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_70_1-debugsource-1-1.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_74_1-1-1.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_74_1-debuginfo-1-1.el8_1.ppc64le.rpm
  • kpatch-patch-4_18_0-147_74_1-debugsource-1-1.el8_1.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM

  • kpatch-patch-4_18_0-147_64_1-1-4.el8_1.src.rpm
  • kpatch-patch-4_18_0-147_65_1-1-3.el8_1.src.rpm
  • kpatch-patch-4_18_0-147_67_1-1-2.el8_1.src.rpm
  • kpatch-patch-4_18_0-147_70_1-1-1.el8_1.src.rpm
  • kpatch-patch-4_18_0-147_74_1-1-1.el8_1.src.rpm

x86_64

  • kpatch-patch-4_18_0-147_64_1-1-4.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_64_1-debuginfo-1-4.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_64_1-debugsource-1-4.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_65_1-1-3.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_65_1-debuginfo-1-3.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_65_1-debugsource-1-3.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_67_1-1-2.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_67_1-debuginfo-1-2.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_67_1-debugsource-1-2.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_70_1-1-1.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_70_1-debuginfo-1-1.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_70_1-debugsource-1-1.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_74_1-1-1.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_74_1-debuginfo-1-1.el8_1.x86_64.rpm
  • kpatch-patch-4_18_0-147_74_1-debugsource-1-1.el8_1.x86_64.rpm

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Red Hat Security Advisory 2023-4023-01

Red Hat Security Advisory 2023-4023-01 - The kpatch management tool provides a kernel patching infrastructure which allows you to patch a running kernel without rebooting or restarting any processes. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

RHSA-2022:7874: Red Hat Security Advisory: OpenShift Container Platform 4.8.53 bug fix and security update

Red Hat OpenShift Container Platform release 4.8.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go...

RHSA-2022:7434: Red Hat Security Advisory: Logging Subsystem 5.5.4 - Red Hat OpenShift security update

Logging Subsystem 5.5.4 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

RHSA-2022:7885: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

Red Hat Security Advisory 2022-7216-01

Red Hat Security Advisory 2022-7216-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.51. Issues addressed include code execution and memory leak vulnerabilities.

Red Hat Security Advisory 2022-7337-01

Red Hat Security Advisory 2022-7337-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7201-01

Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2022-7279-01

Red Hat Security Advisory 2022-7279-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2022:7280: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete c...

Red Hat Security Advisory 2022-7110-01

Red Hat Security Advisory 2022-7110-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, information leakage, memory leak, privilege escalation, and use-after-free vulnerabilities.

RHSA-2022:7173: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3715: kernel: use-after-free in route4_change() in net/sched/cls_route.c * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

RHSA-2022:7110: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0494: kernel: information leak in scsi_ioctl() * CVE-2022-1353: Kernel: A kernel-info-leak issue in pfkey_register * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-23816: hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions * CVE-2022-23825: hw: cpu:...

CVE-2022-38108: Published | Zero Day Initiative

SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.

Red Hat Security Advisory 2022-6991-01

Red Hat Security Advisory 2022-6991-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

RHSA-2022:6983: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45485: kernel: information leak in the IPv6 implementation * CVE-2021-45486: kernel: information leak in the IPv4 implementation * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CV...

RHSA-2022:6991: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45485: kernel: information leak in the IPv6 implementation * CVE-2021-45486: kernel: information leak in the IPv4 implementation * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) *...

CVE-2022-41686: en/security-disclosure/2022/2022-10.md · OpenHarmony/security - Gitee.com

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an out-of-bounds memory read and write vulnerability in the /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. An unprivileged process running on the device could read out-of-bounds memory, leading to sensitive information disclosure. Processes running on the device with the system user UID would be able to write out-of-bounds memory, which could lead to unspecified memory corruption.

Red Hat Security Advisory 2022-6875-01

Red Hat Security Advisory 2022-6875-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2022:6872: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete clea...

Ubuntu Security Notice USN-5588-1

Ubuntu Security Notice 5588-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code.

Kernel Live Patch Security Notice LSN-0089-1

Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. Various other vulnerabilities were also discovered.

Ubuntu Security Notice USN-5582-1

Ubuntu Security Notice 5582-1 - Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code.

"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability Uncovered

Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "as nasty as Dirty Pipe." Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw (CVE-2022-2588) to escalate privileges to the maximum level. "DirtyCred is a kernel exploitation concept that swaps unprivileged

Ubuntu Security Notice USN-5567-1

Ubuntu Security Notice 5567-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5566-1

Ubuntu Security Notice 5566-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5565-1

Ubuntu Security Notice 5565-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5564-1

Ubuntu Security Notice 5564-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5562-1

Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5560-1

Ubuntu Security Notice 5560-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.