RHSA-2023:5548: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in __ip_options_echo and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation.
  • CVE-2023-4004: A use-after-free flaw was found in the Linux kernel’s netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.
  • CVE-2023-4128: A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.
  • CVE-2023-35001: An out-of-bounds (OOB) memory access flaw was found in the Netfilter module in the Linux kernel’s nft_byteorder_eval in net/netfilter/nft_byteorder.c. A bound check failure allows a local attacker with CAP_NET_ADMIN access to cause a local privilege escalation issue due to incorrect data alignment.
Red Hat Security Data

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
  • kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove() (CVE-2023-4004)
  • kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128)
  • kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
  • BZ - 2220892 - CVE-2023-35001 kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()
  • BZ - 2225275 - CVE-2023-4004 kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()
  • BZ - 2225511 - CVE-2023-4128 kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route

CVEs

  • CVE-2023-3090
  • CVE-2023-4004
  • CVE-2023-4128
  • CVE-2023-35001

Related news

Red Hat Security Advisory 2024-1278-03

Red Hat Security Advisory 2024-1278-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include out of bounds write and use-after-free vulnerabilities.

CVE-2023-48660: DSA-2023-443: Dell PowerMaxOS 5978, Dell Unisphere 360, Dell Unisphere for PowerMax, Dell Unisphere for PowerMax Virtual Appliance, Dell Solutions Enabler Virtual Appliance, and Dell PowerMax EEM Secu

Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.

Red Hat Security Advisory 2023-7431-01

Red Hat Security Advisory 2023-7431-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-7419-01

Red Hat Security Advisory 2023-7419-01 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-7418-01

Red Hat Security Advisory 2023-7418-01 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-7077-01

Red Hat Security Advisory 2023-7077-01 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow, denial of service, double free, information leakage, memory leak, null pointer, out of bounds access, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-5775-01

Red Hat Security Advisory 2023-5775-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

Kernel Live Patch Security Notice LSN-0098-1

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that the virtual terminal driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). Various other issues were also addressed.

Red Hat Security Advisory 2023-5604-01

Red Hat Security Advisory 2023-5604-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-5580-01

Red Hat Security Advisory 2023-5580-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-5575-01

Red Hat Security Advisory 2023-5575-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.

RHSA-2023:5621: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3609: A double-free flaw was found in u32_set_parms in net/sched/cls_u32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subs...

RHSA-2023:5589: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_co...

RHSA-2023:5580: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could exec...

Ubuntu Security Notice USN-6386-3

Ubuntu Security Notice 6386-3 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2023-5414-01

Red Hat Security Advisory 2023-5414-01 - An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important.

Ubuntu Security Notice USN-6388-1

Ubuntu Security Notice 6388-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service.

Ubuntu Security Notice USN-6385-1

Ubuntu Security Notice 6385-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.

Red Hat Security Advisory 2023-5235-01

Red Hat Security Advisory 2023-5235-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-5238-01

Red Hat Security Advisory 2023-5238-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-5244-01

Red Hat Security Advisory 2023-5244-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6383-1

Ubuntu Security Notice 6383-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the ARM64 KVM implementation in the Linux kernel did not properly restrict hypervisor memory access. An attacker in a guest VM could use this to execute arbitrary code in the host OS.

Red Hat Security Advisory 2023-5221-01

Red Hat Security Advisory 2023-5221-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include out of bounds write and use-after-free vulnerabilities.

RHSA-2023:5255: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-2002: A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker unauthorized execution of management commands, compromising the confidentiality, integrity, and availability of Bluetooth communication.
  • CVE-2023-3090: A flaw was found...

RHSA-2023:5238: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can lead to performing arbitrary reads and writes in kernel memory. This flaw allows a local user with CAP_NET_ADMIN capability to crash or potentially escalate their p...

RHSA-2023:5221: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation.
  • CVE-2023-3390: A use-after-free f...

RHSA-2023:5091: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-1637: A flaw was found in the Linux kernel X86 CPU Power management when resuming CPU from suspend-to-RAM. This issue could allow a local user unauthorized access to memory from the CPU.
  • CVE-2023-3390: A use-after-free flaw was found in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests, which can...

Kernel Live Patch Security Notice LSN-0097-1

It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other vulnerabilities were also discovered and addressed.

Red Hat Security Advisory 2023-4961-01

Red Hat Security Advisory 2023-4961-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.

RHSA-2023:4967: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privileg...

Ubuntu Security Notice USN-6330-1

Ubuntu Security Notice 6330-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

Ubuntu Security Notice USN-6316-1

Ubuntu Security Notice 6316-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

Red Hat Security Advisory 2023-4828-01

Red Hat Security Advisory 2023-4828-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

Red Hat Security Advisory 2023-4817-01

Red Hat Security Advisory 2023-4817-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include out of bounds access and out of bounds write vulnerabilities.

Red Hat Security Advisory 2023-4814-01

Red Hat Security Advisory 2023-4814-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include null pointer, out of bounds write, and use-after-free vulnerabilities.

RHSA-2023:4815: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-2124: An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user...

RHSA-2023:4828: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation.

RHSA-2023:4829: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation....

RHSA-2023:4814: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-1353: A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
  • CVE-2022-39188: A flaw was found in include/asm-generic/tlb.h in the Linux ...

CVE-2023-4128: Invalid Bug ID

A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.

Red Hat Security Advisory 2023-4380-01

Red Hat Security Advisory 2023-4380-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.

RHSA-2023:4380: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-3090: A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb->cb initialization in `__ip_options_echo` and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege escalation.
  • CVE-2023-35788: A flaw was found ...

CVE-2023-4004: Invalid Bug ID

A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.

CVE-2023-3090

A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e.