Headline
RHSA-2023:4262: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation.
- CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configuration. This vulnerability can be abused to perform arbitrary reads and writes in kernel memory. A local user (with CAP_NET_ADMIN capability) could use this flaw to crash the system or potentially escalate their privileges on the system.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Quarkus
Integration and Automation
All Products
Issued:
2023-07-25
Updated:
2023-07-25
RHSA-2023:4262 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281)
- kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation (CVE-2023-32233)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
Fixes
- BZ - 2181847 - CVE-2023-1281 kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation
- BZ - 2196105 - CVE-2023-32233 kernel: netfilter: use-after-free in nf_tables when processing batch requests can lead to privilege escalation
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4
SRPM
kpatch-patch-4_18_0-305_76_1-1-4.el8_4.src.rpm
SHA-256: 60e6afcc5893d3e0a136c8ce12620327c3f67a7716f051f4b6133a3d7755b1d7
kpatch-patch-4_18_0-305_82_1-1-3.el8_4.src.rpm
SHA-256: d7828f498ec0b254ff365400793ae9ec145cb9f03a00346759ce4d2de5971613
kpatch-patch-4_18_0-305_86_2-1-2.el8_4.src.rpm
SHA-256: 3ce57257be6e6e4383d45120ce08b7dae7773262c4e313ef91cb7aba59b35b21
kpatch-patch-4_18_0-305_88_1-1-2.el8_4.src.rpm
SHA-256: 58e91207725e5ae1723196006375f4a829dd02741cf9dd2ed8e76d99f428c833
kpatch-patch-4_18_0-305_91_1-1-1.el8_4.src.rpm
SHA-256: d6877c84c312db4d77e3da49faddbe83dbecbfb71f44b7cc2bf1aac051af9c70
ppc64le
kpatch-patch-4_18_0-305_76_1-1-4.el8_4.ppc64le.rpm
SHA-256: efdfb9219da5a11e09ac8cf09b0e4f009d38fad2058d5b6c576ee14120c08679
kpatch-patch-4_18_0-305_76_1-debuginfo-1-4.el8_4.ppc64le.rpm
SHA-256: 0888ae219541d6324d04473d7adb2407f05c573487f7881f21d9924931d2b1f3
kpatch-patch-4_18_0-305_76_1-debugsource-1-4.el8_4.ppc64le.rpm
SHA-256: ffc1d870d8ecf47b2e9bbae467950ad06e69809a57ccbf449118782ab8511cfd
kpatch-patch-4_18_0-305_82_1-1-3.el8_4.ppc64le.rpm
SHA-256: 8dbe1c7865dc29b2af6d653c969ff0e3dc31a8a03b2e336ff556f277c3741647
kpatch-patch-4_18_0-305_82_1-debuginfo-1-3.el8_4.ppc64le.rpm
SHA-256: f3ff7067a5e3129a37e27cf1e66d96a99b49e10e7087bd5037bf80924e73fb72
kpatch-patch-4_18_0-305_82_1-debugsource-1-3.el8_4.ppc64le.rpm
SHA-256: 5cbef0b53cbacf79c23a2176dc483424cfb70f25163fbdf979e73be40bd4b9d8
kpatch-patch-4_18_0-305_86_2-1-2.el8_4.ppc64le.rpm
SHA-256: 7997d664a703c8fe08b886e06e3c41bc73b7e09e6cae88fa2a9434cb095a1972
kpatch-patch-4_18_0-305_86_2-debuginfo-1-2.el8_4.ppc64le.rpm
SHA-256: 93ad9198a84fbe3abb5b5c42e0a768d6fd0c953f6a61a4b3b626f65f9299095e
kpatch-patch-4_18_0-305_86_2-debugsource-1-2.el8_4.ppc64le.rpm
SHA-256: 680380e9bc915babc26f01b1ba5d4b4b1a474114c7f69d9df8a5d6455a0336da
kpatch-patch-4_18_0-305_88_1-1-2.el8_4.ppc64le.rpm
SHA-256: 771167e0e42926e3d07bb6e36eddee03aaaa9c6ecc6b2d2ddd09e1ac2c1f432d
kpatch-patch-4_18_0-305_88_1-debuginfo-1-2.el8_4.ppc64le.rpm
SHA-256: c394e5c199369b0344220a7dfac856f4a093c7a6871fee5f93cb536b151910fe
kpatch-patch-4_18_0-305_88_1-debugsource-1-2.el8_4.ppc64le.rpm
SHA-256: 5028597e398e7e5c89d3cfcc8c5284843f0379dd3cd9bc6b96dc25b971efd6e7
kpatch-patch-4_18_0-305_91_1-1-1.el8_4.ppc64le.rpm
SHA-256: b4b9fbfe78458827833c7ad61f4ea57f82283dc90e4a6d6fe5838ca7322427ea
kpatch-patch-4_18_0-305_91_1-debuginfo-1-1.el8_4.ppc64le.rpm
SHA-256: 737001485289f6b80335a055e2f5d1d6a3b4744c2cac542ffdfa298794d3b16a
kpatch-patch-4_18_0-305_91_1-debugsource-1-1.el8_4.ppc64le.rpm
SHA-256: 9383d8fc25538d7977bb3369662201ae1c802527b8c1f2a51ddad6fdb2961aed
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4
SRPM
kpatch-patch-4_18_0-305_76_1-1-4.el8_4.src.rpm
SHA-256: 60e6afcc5893d3e0a136c8ce12620327c3f67a7716f051f4b6133a3d7755b1d7
kpatch-patch-4_18_0-305_82_1-1-3.el8_4.src.rpm
SHA-256: d7828f498ec0b254ff365400793ae9ec145cb9f03a00346759ce4d2de5971613
kpatch-patch-4_18_0-305_86_2-1-2.el8_4.src.rpm
SHA-256: 3ce57257be6e6e4383d45120ce08b7dae7773262c4e313ef91cb7aba59b35b21
kpatch-patch-4_18_0-305_88_1-1-2.el8_4.src.rpm
SHA-256: 58e91207725e5ae1723196006375f4a829dd02741cf9dd2ed8e76d99f428c833
kpatch-patch-4_18_0-305_91_1-1-1.el8_4.src.rpm
SHA-256: d6877c84c312db4d77e3da49faddbe83dbecbfb71f44b7cc2bf1aac051af9c70
x86_64
kpatch-patch-4_18_0-305_76_1-1-4.el8_4.x86_64.rpm
SHA-256: 96ef830821104cff28657d3b8a06f5c6fb1f6c4a0eb6c0e8ce0008dc3fe13450
kpatch-patch-4_18_0-305_76_1-debuginfo-1-4.el8_4.x86_64.rpm
SHA-256: abc6a4e7f5d78c94ae8301548bc8f5ca0716f78848c5973956eaa1daf68b78c4
kpatch-patch-4_18_0-305_76_1-debugsource-1-4.el8_4.x86_64.rpm
SHA-256: 6d09627e14a3f30d31faa0a02db272980d468716fe766822d2ed8f4801aae2ee
kpatch-patch-4_18_0-305_82_1-1-3.el8_4.x86_64.rpm
SHA-256: 293ea7afe7d69559ca220d2b120b8fb2d7e67abe51008daa4f937a5575b820ee
kpatch-patch-4_18_0-305_82_1-debuginfo-1-3.el8_4.x86_64.rpm
SHA-256: b4b1e271ebd3cd975cc831cbea67d67f00dde2d4d09ee973bc0942ed0976a6d6
kpatch-patch-4_18_0-305_82_1-debugsource-1-3.el8_4.x86_64.rpm
SHA-256: a1a963304b4512d889be2e1bbf7a26237799348cc761099ed3af80b0b0fd2555
kpatch-patch-4_18_0-305_86_2-1-2.el8_4.x86_64.rpm
SHA-256: cfa794d1ac09abf2acc4169b9d6d226bc84a8be4fef7f5daeff457e09e49c071
kpatch-patch-4_18_0-305_86_2-debuginfo-1-2.el8_4.x86_64.rpm
SHA-256: 0c604bfdf152e14a6fb8705540428cdaf8c77299f2b46858c8b3a261a63dea81
kpatch-patch-4_18_0-305_86_2-debugsource-1-2.el8_4.x86_64.rpm
SHA-256: e73c152e65d69bcc6cf91ffdd749c522421826f4064e984792cd400d07bcfa9b
kpatch-patch-4_18_0-305_88_1-1-2.el8_4.x86_64.rpm
SHA-256: 9e8e4a5295cd1f6e2245e6e5ef516553aa737d9c2f89401306ca1521ba27c057
kpatch-patch-4_18_0-305_88_1-debuginfo-1-2.el8_4.x86_64.rpm
SHA-256: 49181670e7d5e20b8a85203f9c13ac1578531a77ae7a09231dba001d6cd35bcc
kpatch-patch-4_18_0-305_88_1-debugsource-1-2.el8_4.x86_64.rpm
SHA-256: f586e543b204f2831c4b2a469957d247d30e3e6a2b91c928321106ea0bea76da
kpatch-patch-4_18_0-305_91_1-1-1.el8_4.x86_64.rpm
SHA-256: e765b2ece59e00c6755c61b6fed872c8e88c808dfe66707a7f7fc5e9348e8081
kpatch-patch-4_18_0-305_91_1-debuginfo-1-1.el8_4.x86_64.rpm
SHA-256: d3d5efd2d0e7b87f9759d43ec6279d852411cdf4c904652d177e81f7caa32d7b
kpatch-patch-4_18_0-305_91_1-debugsource-1-1.el8_4.x86_64.rpm
SHA-256: febbd1322460d9419f68d07f8fa84e6a720d3bbb735857a4b993a9ac8c8feeca
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Red Hat Security Advisory 2023-5621-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-20593: A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances. * CVE-2023-32233: A use-after-free vulnerability was found in the Netfilter subsystem of the Linux kernel when processing batch requests to update nf_tables configurat...
Red Hat Security Advisory 2023-4699-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4517-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via B...
Red Hat Security Advisory 2023-4262-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traver...
Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.
Red Hat OpenShift Container Platform release 4.11.45 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-21235: A flaw was found in the VCS package, caused by improper validation of user-supplied input. By using a specially-crafted argument, a remote attacker could execute arbitrary commands o...
Ubuntu Security Notice 6222-1 - Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. Zheng Wang discovered that the Intel i915 graphics driver in the Linux kernel did not properly handle certain error conditions, leading to a double-free. A local attacker could possibly use this to cause a denial of service.
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
Ubuntu Security Notice 6150-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Red Hat Security Advisory 2023-3490-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3470-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Ubuntu Security Notice 6135-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Red Hat Security Advisory 2023-3351-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-3350-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Ubuntu Security Notice 6134-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6131-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6122-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6093-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.
Ubuntu Security Notice 6057-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
Ubuntu Security Notice 5977-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.
Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area can be updated while packets are traversing, which will cause a use-after-free when 'tcf_exts_exec()' is called with the destroyed tcf_ext. A local attacker user can use this vulnerability to elevate its privileges to root. This issue affects Linux Kernel: from 4.14 before git commit ee059170b1f7e94e55fa6cadee544e176a6e59c2.