
RHSA-2022:4721: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation
Red Hat Security Data

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important


Topic

An update is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.7 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.7 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7 ppc64le
  • Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 7.7 x86_64

Fixes

  • BZ - 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation

Red Hat Enterprise Linux Server - AUS 7.7

SRPM

  • kpatch-patch-3_10_0-1062_51_1-1-7.el7.src.rpm
  • kpatch-patch-3_10_0-1062_52_2-1-6.el7.src.rpm
  • kpatch-patch-3_10_0-1062_56_1-1-5.el7.src.rpm
  • kpatch-patch-3_10_0-1062_59_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_60_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_61_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_63_1-1-2.el7.src.rpm
  • kpatch-patch-3_10_0-1062_66_1-1-1.el7.src.rpm

x86_64

  • kpatch-patch-3_10_0-1062_51_1-1-7.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_51_1-debuginfo-1-7.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_52_2-1-6.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_52_2-debuginfo-1-6.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_56_1-1-5.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_56_1-debuginfo-1-5.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_59_1-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_59_1-debuginfo-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_60_1-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_60_1-debuginfo-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_61_1-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_61_1-debuginfo-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_63_1-1-2.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_63_1-debuginfo-1-2.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_66_1-1-1.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_66_1-debuginfo-1-1.el7.x86_64.rpm

Red Hat Enterprise Linux Server - TUS 7.7

SRPM

  • kpatch-patch-3_10_0-1062_51_1-1-7.el7.src.rpm
  • kpatch-patch-3_10_0-1062_52_2-1-6.el7.src.rpm
  • kpatch-patch-3_10_0-1062_56_1-1-5.el7.src.rpm
  • kpatch-patch-3_10_0-1062_59_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_60_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_61_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_63_1-1-2.el7.src.rpm
  • kpatch-patch-3_10_0-1062_66_1-1-1.el7.src.rpm

x86_64

  • kpatch-patch-3_10_0-1062_51_1-1-7.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_51_1-debuginfo-1-7.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_52_2-1-6.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_52_2-debuginfo-1-6.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_56_1-1-5.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_56_1-debuginfo-1-5.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_59_1-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_59_1-debuginfo-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_60_1-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_60_1-debuginfo-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_61_1-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_61_1-debuginfo-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_63_1-1-2.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_63_1-debuginfo-1-2.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_66_1-1-1.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_66_1-debuginfo-1-1.el7.x86_64.rpm

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.7

SRPM

  • kpatch-patch-3_10_0-1062_51_1-1-7.el7.src.rpm
  • kpatch-patch-3_10_0-1062_52_2-1-6.el7.src.rpm
  • kpatch-patch-3_10_0-1062_56_1-1-5.el7.src.rpm
  • kpatch-patch-3_10_0-1062_59_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_60_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_61_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_63_1-1-2.el7.src.rpm
  • kpatch-patch-3_10_0-1062_66_1-1-1.el7.src.rpm

ppc64le

  • kpatch-patch-3_10_0-1062_51_1-1-7.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_51_1-debuginfo-1-7.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_52_2-1-6.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_52_2-debuginfo-1-6.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_56_1-1-5.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_56_1-debuginfo-1-5.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_59_1-1-3.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_59_1-debuginfo-1-3.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_60_1-1-3.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_60_1-debuginfo-1-3.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_61_1-1-3.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_61_1-debuginfo-1-3.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_63_1-1-2.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_63_1-debuginfo-1-2.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_66_1-1-1.el7.ppc64le.rpm
  • kpatch-patch-3_10_0-1062_66_1-debuginfo-1-1.el7.ppc64le.rpm

Red Hat Enterprise Linux Server for x86_64 - Update Services for SAP Solutions 7.7

SRPM

  • kpatch-patch-3_10_0-1062_51_1-1-7.el7.src.rpm
  • kpatch-patch-3_10_0-1062_52_2-1-6.el7.src.rpm
  • kpatch-patch-3_10_0-1062_56_1-1-5.el7.src.rpm
  • kpatch-patch-3_10_0-1062_59_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_60_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_61_1-1-3.el7.src.rpm
  • kpatch-patch-3_10_0-1062_63_1-1-2.el7.src.rpm
  • kpatch-patch-3_10_0-1062_66_1-1-1.el7.src.rpm

x86_64

  • kpatch-patch-3_10_0-1062_51_1-1-7.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_51_1-debuginfo-1-7.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_52_2-1-6.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_52_2-debuginfo-1-6.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_56_1-1-5.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_56_1-debuginfo-1-5.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_59_1-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_59_1-debuginfo-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_60_1-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_60_1-debuginfo-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_61_1-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_61_1-debuginfo-1-3.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_63_1-1-2.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_63_1-debuginfo-1-2.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_66_1-1-1.el7.x86_64.rpm
  • kpatch-patch-3_10_0-1062_66_1-debuginfo-1-1.el7.x86_64.rpm

Related news

Docker cgroups Container Escape

This Metasploit exploit module takes advantage of a Docker image which has either the privileged flag or the SYS_ADMIN Linux capability. If the host kernel is vulnerable, it's possible to escape the Docker image and achieve root on the host operating system. A vulnerability was found in the cgroup_release_agent_write function in the Linux kernel's kernel/cgroup/cgroup-v1.c. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

CVE-2023-33953: Security Bulletins

gRPC contains a vulnerability in which HPACK table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DoS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser. The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0's can be added at the start of an integer. gRPC's hpack parser needed to read all of them before concluding a parse. - gRPC's metadata overflow check was performed per frame, so ...

CVE-2023-21850: Oracle Critical Patch Update Advisory - January 2023

Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

CVE-2022-27928: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.

CVE-2022-26655: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 has Improper Input Validation. The client API allows remote attackers to trigger a software abort via a gateway call into Teams.

CVE-2022-26656: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join.

CVE-2022-25357: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.2 has Improper Access Control. An attacker can sometimes join a conference (call join) if it has a lock but not a PIN.

CVE-2022-27929: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP.

CVE-2022-27931: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol.

CVE-2022-27933: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join.

CVE-2022-27934: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP.

CVE-2022-27937: Pexip security bulletins | Pexip Infinity Docs

Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264.

Red Hat Security Advisory 2022-5392-01

Red Hat Security Advisory 2022-5392-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.11 images. Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which resolve security issues and fix several bugs. Issues addressed include a traversal vulnerability.

RHSA-2022:5157: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation * CVE-2022-1729: kernel: race condition in perf_event_open leads to privilege escalation

CVE-2022-20233: Pixel Update Bulletin—June 2022  |  Android Open Source Project

In param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-222472803. References: N/A

Kernel Live Patch Security Notice LSN-0086-1

It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. Various other issues were also addressed.

Red Hat Security Advisory 2022-4721-01

Red Hat Security Advisory 2022-4721-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2022-4717-01

Red Hat Security Advisory 2022-4717-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a privilege escalation vulnerability.

RHSA-2022:4717: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation

Red Hat Security Advisory 2022-4644-01

Red Hat Security Advisory 2022-4644-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a privilege escalation vulnerability.

Red Hat Security Advisory 2022-4642-01

Red Hat Security Advisory 2022-4642-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and privilege escalation vulnerabilities.

RHSA-2022:4644: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation

RHSA-2022:4642: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation

RHSA-2022:4655: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation

Red Hat Security Advisory 2022-1699-01

Red Hat Security Advisory 2022-1699-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.50.

RHSA-2022:1699: Red Hat Security Advisory: OpenShift Container Platform 4.7.50 security update

Red Hat OpenShift Container Platform release 4.7.50 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-24769: moby: Default inheritable capabilities for linux container should be empty

RHSA-2022:2186: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4028: kernel: use-after-free in RDMA listen() * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation

RHSA-2022:2189: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4028: kernel: use-after-free in RDMA listen() * CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation