Headline
RHSA-2023:5548: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in __ip_options_echo and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation.
- CVE-2023-4004: A use-after-free flaw was found in the Linux kernel’s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.
- CVE-2023-4128: A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.
- CVE-2023-35001: An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel’s nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to cause a local privilege escalation issue due to incorrect data alignment.
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
- kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove() (CVE-2023-4004)
- kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128)
- kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Fixes
- BZ - 2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
- BZ - 2220892 - CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()
- BZ - 2225275 - CVE-2023-4004 kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()
- BZ - 2225511 - CVE-2023-4128 kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route
CVEs
- CVE-2023-3090
- CVE-2023-4004
- CVE-2023-4128
- CVE-2023-35001
Related news
Red Hat Security Advisory 2024-1278-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include out of bounds write and use-after-free vulnerabilities.
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.
Red Hat Security Advisory 2023-7431-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-7419-01 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-7418-01 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-7077-01 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow, denial of service, double free, information leakage, memory leak, null pointer, out of bounds access, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5775-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the virtual terminal driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). Various other issues were also addressed.
Red Hat Security Advisory 2023-5604-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5580-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5575-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3609: A double-free flaw was found in u32_set_parms in net/sched/cls_u32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subs...
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_co...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could exec...
Ubuntu Security Notice 6386-3 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Red Hat Security Advisory 2023-5414-01 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important.
Ubuntu Security Notice 6388-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service.
Ubuntu Security Notice 6385-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.
Red Hat Security Advisory 2023-5235-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5238-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5244-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-5244-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.
Ubuntu Security Notice 6383-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the ARM64 KVM implementation in the Linux kernel did not properly restrict hypervisor memory access. An attacker in a guest VM could use this to execute arbitrary code in the host OS.
Red Hat Security Advisory 2023-5221-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2002: A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to perform unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication. * CVE-2023-3090: A flaw was found...
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their p...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. * CVE-2023-3390: A use-after-free f...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1637: A flaw was found in the Linux kernel X86 CPU Power management when resuming CPU from suspend-to-RAM. This issue could allow a local user unauthorized access to memory from the CPU. * CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can...
It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities were also discovered and addressed.
Red Hat Security Advisory 2023-4961-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privileg...
Ubuntu Security Notice 6330-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Ubuntu Security Notice 6316-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
Red Hat Security Advisory 2023-4828-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2023-4817-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and out of bounds write vulnerabilities.
Red Hat Security Advisory 2023-4814-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2124: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation....
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1353: A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information. * CVE-2022-39188: A flaw was found in include/asm-generic/tlb.h in the Linux ...
A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.
Red Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation. * CVE-2023-35788: A flaw was found ...
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.
A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.