RHSA-2023:0059: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Issued: 2023-01-10
Updated: 2023-01-10
RHSA-2023:0059 - Security Advisory
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Fixes
- BZ - 2084479 - CVE-2022-2639 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1
SRPM
kpatch-patch-4_18_0-147_70_1-1-2.el8_1.src.rpm
kpatch-patch-4_18_0-147_74_1-1-2.el8_1.src.rpm
kpatch-patch-4_18_0-147_76_1-1-1.el8_1.src.rpm
kpatch-patch-4_18_0-147_77_1-1-1.el8_1.src.rpm
ppc64le
kpatch-patch-4_18_0-147_70_1-1-2.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_70_1-debuginfo-1-2.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_70_1-debugsource-1-2.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_74_1-1-2.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_74_1-debuginfo-1-2.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_74_1-debugsource-1-2.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_76_1-1-1.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_76_1-debuginfo-1-1.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_76_1-debugsource-1-1.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_77_1-1-1.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_77_1-debuginfo-1-1.el8_1.ppc64le.rpm
kpatch-patch-4_18_0-147_77_1-debugsource-1-1.el8_1.ppc64le.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1
SRPM
kpatch-patch-4_18_0-147_70_1-1-2.el8_1.src.rpm
kpatch-patch-4_18_0-147_74_1-1-2.el8_1.src.rpm
kpatch-patch-4_18_0-147_76_1-1-1.el8_1.src.rpm
kpatch-patch-4_18_0-147_77_1-1-1.el8_1.src.rpm
x86_64
kpatch-patch-4_18_0-147_70_1-1-2.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_70_1-debuginfo-1-2.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_70_1-debugsource-1-2.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_74_1-1-2.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_74_1-debuginfo-1-2.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_74_1-debugsource-1-2.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_76_1-1-1.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_76_1-debuginfo-1-1.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_76_1-debugsource-1-1.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_77_1-1-1.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_77_1-debuginfo-1-1.el8_1.x86_64.rpm
kpatch-patch-4_18_0-147_77_1-debugsource-1-1.el8_1.x86_64.rpm
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.