Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:0114: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device.
  • CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access
Red Hat Security Data
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes#aws#dell

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2023-01-12

Updated:

2023-01-12

RHSA-2023:0114 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)
  • kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • The latest RHEL 8.7.z1 kernel changes need to be merged into the RT source tree to keep source parity between the two kernels. (BZ#2137411)
  • [DELL EMC 8.6-RT BUG] System is not booting into RT Kernel with perc12. (BZ#2139867)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64

Fixes

  • BZ - 2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.
  • BZ - 2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access

Red Hat Enterprise Linux for Real Time 8

SRPM

kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.src.rpm

SHA-256: 07b96f9f984e6b219d560ce24a26d717387e048695d6ea15878dbf2047d1c57b

x86_64

kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: ba934c62edc41eca93e717799f9e927a21874a8691f84ca1824c0339660d7a9e

kernel-rt-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 5e54b9d1b7c79030e4840a29605273e29c5ecd5147e159fc93d4a41ccea8179e

kernel-rt-debug-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 7d341dfd0e6a5bcc09e52d7fe58d814d6400258fd51b756a7c89005ac6c64661

kernel-rt-debug-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: f169809e75bc44b56234145de2980539dce4fd2a7ab937ad7847cab04cedf27f

kernel-rt-debug-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: e9707b41f9a71593473ca63d37b821fd82defe8a683eba653a1d6e70dae9155d

kernel-rt-debug-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 17ba5491a2080b548ef427f225b652a7382f79ff8c9d7a076f7d64553edff9c1

kernel-rt-debug-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 7f864678fafd3ade8524a665f2ec21d1e3ae6b775e2c40d10824d2deaf099ad9

kernel-rt-debug-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 574c8ea38cd6ce9f4e167432528565f4e6e6d35163af99784c620063eed28b54

kernel-rt-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 1ee11d44e69ae1d253a376b84d6362b316610e6ae95d4f6c336cd5794ac5595d

kernel-rt-debuginfo-common-x86_64-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: a39ca6b8f20ce557d1c3700f407cd2f4d8b76e72d74dbf387422e82f11589029

kernel-rt-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: dbc52662645cf2f329d6dd0d35237b3b6fd4d81210acdcb55dde1fc57e47b23b

kernel-rt-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 4371b009b95c46757dc46e85cb6d09b66a7bc9869e80ff8bd17b8cdbf9178df1

kernel-rt-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 334b45867fba4a1271d8b5bac534054a6974f272532b8fb53766a295ababb697

Red Hat Enterprise Linux for Real Time for NFV 8

SRPM

kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.src.rpm

SHA-256: 07b96f9f984e6b219d560ce24a26d717387e048695d6ea15878dbf2047d1c57b

x86_64

kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: ba934c62edc41eca93e717799f9e927a21874a8691f84ca1824c0339660d7a9e

kernel-rt-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 5e54b9d1b7c79030e4840a29605273e29c5ecd5147e159fc93d4a41ccea8179e

kernel-rt-debug-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 7d341dfd0e6a5bcc09e52d7fe58d814d6400258fd51b756a7c89005ac6c64661

kernel-rt-debug-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: f169809e75bc44b56234145de2980539dce4fd2a7ab937ad7847cab04cedf27f

kernel-rt-debug-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: e9707b41f9a71593473ca63d37b821fd82defe8a683eba653a1d6e70dae9155d

kernel-rt-debug-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 17ba5491a2080b548ef427f225b652a7382f79ff8c9d7a076f7d64553edff9c1

kernel-rt-debug-kvm-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 613377109832e4c7f8a0a0761e7bf4bad8bbbd486320ce0f797f68aec0585498

kernel-rt-debug-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 7f864678fafd3ade8524a665f2ec21d1e3ae6b775e2c40d10824d2deaf099ad9

kernel-rt-debug-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 574c8ea38cd6ce9f4e167432528565f4e6e6d35163af99784c620063eed28b54

kernel-rt-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 1ee11d44e69ae1d253a376b84d6362b316610e6ae95d4f6c336cd5794ac5595d

kernel-rt-debuginfo-common-x86_64-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: a39ca6b8f20ce557d1c3700f407cd2f4d8b76e72d74dbf387422e82f11589029

kernel-rt-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: dbc52662645cf2f329d6dd0d35237b3b6fd4d81210acdcb55dde1fc57e47b23b

kernel-rt-kvm-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 57e175ac8f9130fee7d52c391fb6a4bb559120be04d7dda329c2f3490cf4cbf6

kernel-rt-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 4371b009b95c46757dc46e85cb6d09b66a7bc9869e80ff8bd17b8cdbf9178df1

kernel-rt-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm

SHA-256: 334b45867fba4a1271d8b5bac534054a6974f272532b8fb53766a295ababb697

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Ubuntu Security Notice USN-6124-1

Ubuntu Security Notice 6124-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service.

Ubuntu Security Notice USN-6089-1

Ubuntu Security Notice 6089-1 - It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5950-1

Ubuntu Security Notice 5950-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5938-1

Ubuntu Security Notice 5938-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5934-1

Ubuntu Security Notice 5934-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-5929-1

Ubuntu Security Notice 5929-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5912-1

Ubuntu Security Notice 5912-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2023-0859-01

Red Hat Security Advisory 2023-0859-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include code execution and integer overflow vulnerabilities.

RHSA-2023:0859: Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update batch#4 (oVirt-4.5.3-4)

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4139: An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. * CVE-2022-47629: A vulnerability was found in the Libksba library, due to an integer ...

Red Hat Security Advisory 2023-0536-01

Red Hat Security Advisory 2023-0536-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Red Hat Security Advisory 2023-0526-01

Red Hat Security Advisory 2023-0526-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

RHSA-2023:0536: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access

RHSA-2023:0512: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access

RHSA-2023:0496: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access

Red Hat Security Advisory 2023-0441-01

Red Hat Security Advisory 2023-0441-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Red Hat Security Advisory 2023-0440-01

Red Hat Security Advisory 2023-0440-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

Red Hat Security Advisory 2023-0400-01

Red Hat Security Advisory 2023-0400-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Red Hat Security Advisory 2023-0396-01

Red Hat Security Advisory 2023-0396-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Red Hat Security Advisory 2023-0392-01

Red Hat Security Advisory 2023-0392-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

RHSA-2023:0440: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access * CVE-2022-26373: hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions

RHSA-2023:0399: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26401: hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device.

RHSA-2023:0400: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26401: hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device.

RHSA-2023:0395: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device.

RHSA-2023:0396: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device.

RHSA-2023:0348: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access * CVE-2022-43945: kernel: nfsd buffer overflow by RPC message over TCP with garbage data

RHSA-2023:0300: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-3077: kernel: i2c: unbounded length leads to buffer overflow in ismt_access() * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access * CVE-2022-3059...

RHSA-2023:0334: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-3077: kernel: i2c: unbounded length leads to buffer overflow in ismt_access() * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access * CVE-2022-30594: ...

Red Hat Security Advisory 2023-0114-01

Red Hat Security Advisory 2023-0114-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Red Hat Security Advisory 2023-0123-01

Red Hat Security Advisory 2023-0123-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Red Hat Security Advisory 2023-0101-01

Red Hat Security Advisory 2023-0101-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

RHSA-2023:0101: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access

RHSA-2023:0101: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access

RHSA-2023:0123: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access

RHSA-2023:0123: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device. * CVE-2022-4139: kernel: i915: Incorrect GPU TLB flush can lead to random memory access

CVE-2023-0036: en/security-disclosure/2023/2023-01.md · OpenHarmony/security - Gitee.com

platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an authentication bypass vulnerability which allows an "SA relay attack".Local attackers can bypass authentication and attack other SAs with high privilege.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

CVE-2022-4129: [SECURITY] Fedora 35 Update: kernel-6.0.11-100.fc35 - package-announce

A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol (L2TP). A missing lock when clearing sk_user_data can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service.

CVE-2022-41686: en/security-disclosure/2022/2022-10.md · OpenHarmony/security - Gitee.com

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.

Ubuntu Security Notice USN-5650-1

Ubuntu Security Notice 5650-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

CVE-2022-2964: Invalid Bug ID

A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.