Headline
RHSA-2022:1103: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-0920: kernel: Use After Free in unix_gc() which could result in a local privilege escalation
- CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it
- CVE-2022-0330: kernel: possible privileges escalation due to missing TLB flush
- CVE-2022-22942: kernel: failing usercopy allows for use-after-free exploitation
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
- Red Hat CodeReady Studio
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-03-29
Updated:
2022-03-29
RHSA-2022:1103 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
- kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
- kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)
- kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server - AUS 7.6 x86_64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
Fixes
- BZ - 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
- BZ - 2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation
- BZ - 2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush
- BZ - 2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation
CVEs
- CVE-2021-0920
- CVE-2021-4083
- CVE-2022-0330
- CVE-2022-22942
Red Hat Enterprise Linux Server - AUS 7.6
SRPM
kpatch-patch-3_10_0-957_72_1-1-6.el7.src.rpm
SHA-256: 6e3a49d0a6b21f378a1dbe8db833440b8ab726f6f8e162e3d82f4a5e7db0f31d
kpatch-patch-3_10_0-957_76_1-1-6.el7.src.rpm
SHA-256: 33c5f8977b0d5c198e801de13a13ed3c51c5eda2c197114e02f8593842de771e
kpatch-patch-3_10_0-957_78_2-1-5.el7.src.rpm
SHA-256: ee8d476fbefe25fe787a6becf21c077430166224449058f70100919d6d8261fd
kpatch-patch-3_10_0-957_80_1-1-4.el7.src.rpm
SHA-256: 20d71ed2877dd12d300be5c708c126f580412bccdd0ced856afc0d7340e5da43
kpatch-patch-3_10_0-957_84_1-1-3.el7.src.rpm
SHA-256: 1cbf0de25d80d9be2d6f7da2c1305c28fd050dedaf14817c4c0bd6894e4a180c
kpatch-patch-3_10_0-957_86_1-1-2.el7.src.rpm
SHA-256: 78614f8a84225bf253babc6e61000b0fee5d27151e8462b298cfb0a9a88d8d71
kpatch-patch-3_10_0-957_88_1-1-1.el7.src.rpm
SHA-256: 8482f4d80304bbfe6fa017ceb8e8c61388e5fe4fcfd015b421913b6dd2685ac6
x86_64
kpatch-patch-3_10_0-957_72_1-1-6.el7.x86_64.rpm
SHA-256: e9d3fbe2b7e752c2c8c76fbac510a0a04667a9b5c0558494769eea34e24bb51a
kpatch-patch-3_10_0-957_72_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: adf27d5ab7d222ab3a2a03c4714d6fd5cea544cfdd9744bf238f3c52d397d041
kpatch-patch-3_10_0-957_76_1-1-6.el7.x86_64.rpm
SHA-256: 259de8667caea2e6aa22a23382df8a729cc4f1cb16fb9ff5ba341a9cbdd28507
kpatch-patch-3_10_0-957_76_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 52b2b2f710e1eeb2467926bd0c0a8af95418dcf5ac18794cc9315309ee7cc752
kpatch-patch-3_10_0-957_78_2-1-5.el7.x86_64.rpm
SHA-256: f5417cf2a9303c0a10dcf370bb3373afb481a7d48ccf32e1c0c94880f06bf2e9
kpatch-patch-3_10_0-957_78_2-debuginfo-1-5.el7.x86_64.rpm
SHA-256: 2e4f20118f8650d1e3173ff02a509f235adf03184533a395f23a9ce1ec3bcb28
kpatch-patch-3_10_0-957_80_1-1-4.el7.x86_64.rpm
SHA-256: e2827133620135e98056f86919e784e9f1fd7a738566ef9dc575831dd2a79508
kpatch-patch-3_10_0-957_80_1-debuginfo-1-4.el7.x86_64.rpm
SHA-256: 04854da094f9390c37fc638a6de7c823758a460aab219f9d24fe5422a08170ff
kpatch-patch-3_10_0-957_84_1-1-3.el7.x86_64.rpm
SHA-256: 46a18e06ab644680ab9df9357901d8743b51106de58c175441a94910f204daf3
kpatch-patch-3_10_0-957_84_1-debuginfo-1-3.el7.x86_64.rpm
SHA-256: 0c4975619b561af95cce28dc11d6f5a08ffa743a8008f6d050854c4b948a9945
kpatch-patch-3_10_0-957_86_1-1-2.el7.x86_64.rpm
SHA-256: 0f56c25107d97f6571ade087cf1c6e2220ef4a5bc4f8890489370da527464a1d
kpatch-patch-3_10_0-957_86_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: e32f1949bea1600b460498255224aa765eebce7af98d5a41a25c888829e74d43
kpatch-patch-3_10_0-957_88_1-1-1.el7.x86_64.rpm
SHA-256: b27f804258482258f104df76ee869287f4657529b6a6fd296bdcf93c347c36c8
kpatch-patch-3_10_0-957_88_1-debuginfo-1-1.el7.x86_64.rpm
SHA-256: 704dad5ac80e1d35402207635d2fb49ef5ab6c174ed7eaa2a33c0b4aadda1ec2
Red Hat Enterprise Linux Server - TUS 7.6
SRPM
kpatch-patch-3_10_0-957_72_1-1-6.el7.src.rpm
SHA-256: 6e3a49d0a6b21f378a1dbe8db833440b8ab726f6f8e162e3d82f4a5e7db0f31d
kpatch-patch-3_10_0-957_76_1-1-6.el7.src.rpm
SHA-256: 33c5f8977b0d5c198e801de13a13ed3c51c5eda2c197114e02f8593842de771e
kpatch-patch-3_10_0-957_78_2-1-5.el7.src.rpm
SHA-256: ee8d476fbefe25fe787a6becf21c077430166224449058f70100919d6d8261fd
kpatch-patch-3_10_0-957_80_1-1-4.el7.src.rpm
SHA-256: 20d71ed2877dd12d300be5c708c126f580412bccdd0ced856afc0d7340e5da43
kpatch-patch-3_10_0-957_84_1-1-3.el7.src.rpm
SHA-256: 1cbf0de25d80d9be2d6f7da2c1305c28fd050dedaf14817c4c0bd6894e4a180c
kpatch-patch-3_10_0-957_86_1-1-2.el7.src.rpm
SHA-256: 78614f8a84225bf253babc6e61000b0fee5d27151e8462b298cfb0a9a88d8d71
kpatch-patch-3_10_0-957_88_1-1-1.el7.src.rpm
SHA-256: 8482f4d80304bbfe6fa017ceb8e8c61388e5fe4fcfd015b421913b6dd2685ac6
x86_64
kpatch-patch-3_10_0-957_72_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: adf27d5ab7d222ab3a2a03c4714d6fd5cea544cfdd9744bf238f3c52d397d041
kpatch-patch-3_10_0-957_76_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 52b2b2f710e1eeb2467926bd0c0a8af95418dcf5ac18794cc9315309ee7cc752
kpatch-patch-3_10_0-957_78_2-debuginfo-1-5.el7.x86_64.rpm
SHA-256: 2e4f20118f8650d1e3173ff02a509f235adf03184533a395f23a9ce1ec3bcb28
kpatch-patch-3_10_0-957_80_1-debuginfo-1-4.el7.x86_64.rpm
SHA-256: 04854da094f9390c37fc638a6de7c823758a460aab219f9d24fe5422a08170ff
kpatch-patch-3_10_0-957_84_1-debuginfo-1-3.el7.x86_64.rpm
SHA-256: 0c4975619b561af95cce28dc11d6f5a08ffa743a8008f6d050854c4b948a9945
kpatch-patch-3_10_0-957_86_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: e32f1949bea1600b460498255224aa765eebce7af98d5a41a25c888829e74d43
kpatch-patch-3_10_0-957_88_1-debuginfo-1-1.el7.x86_64.rpm
SHA-256: 704dad5ac80e1d35402207635d2fb49ef5ab6c174ed7eaa2a33c0b4aadda1ec2
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6
SRPM
kpatch-patch-3_10_0-957_72_1-1-6.el7.src.rpm
SHA-256: 6e3a49d0a6b21f378a1dbe8db833440b8ab726f6f8e162e3d82f4a5e7db0f31d
kpatch-patch-3_10_0-957_76_1-1-6.el7.src.rpm
SHA-256: 33c5f8977b0d5c198e801de13a13ed3c51c5eda2c197114e02f8593842de771e
kpatch-patch-3_10_0-957_78_2-1-5.el7.src.rpm
SHA-256: ee8d476fbefe25fe787a6becf21c077430166224449058f70100919d6d8261fd
kpatch-patch-3_10_0-957_80_1-1-4.el7.src.rpm
SHA-256: 20d71ed2877dd12d300be5c708c126f580412bccdd0ced856afc0d7340e5da43
kpatch-patch-3_10_0-957_84_1-1-3.el7.src.rpm
SHA-256: 1cbf0de25d80d9be2d6f7da2c1305c28fd050dedaf14817c4c0bd6894e4a180c
kpatch-patch-3_10_0-957_86_1-1-2.el7.src.rpm
SHA-256: 78614f8a84225bf253babc6e61000b0fee5d27151e8462b298cfb0a9a88d8d71
kpatch-patch-3_10_0-957_88_1-1-1.el7.src.rpm
SHA-256: 8482f4d80304bbfe6fa017ceb8e8c61388e5fe4fcfd015b421913b6dd2685ac6
ppc64le
kpatch-patch-3_10_0-957_72_1-1-6.el7.ppc64le.rpm
SHA-256: dbb8d4d06aa9609a539c10dde9a7d0625981c6f00efbacaa36a0d9a439063a3b
kpatch-patch-3_10_0-957_72_1-debuginfo-1-6.el7.ppc64le.rpm
SHA-256: 8385843f64589ad2749a3e81d07f1d057d9d21108ff78baafb8c7f05c7dbeb90
kpatch-patch-3_10_0-957_76_1-1-6.el7.ppc64le.rpm
SHA-256: 2e697b192ef970fd0bf0b642c18c44ba80c30fc07a41a32fd3ea637e70a4af23
kpatch-patch-3_10_0-957_76_1-debuginfo-1-6.el7.ppc64le.rpm
SHA-256: 82237bb4768151b5771a1114e907a88652594ffe0633d08418196b2476750bc7
kpatch-patch-3_10_0-957_78_2-1-5.el7.ppc64le.rpm
SHA-256: e7e0bd43f0028d7e75fda375acf46cc457ece7663a29812cfc19dd3f20be745b
kpatch-patch-3_10_0-957_78_2-debuginfo-1-5.el7.ppc64le.rpm
SHA-256: d3f87465c66a82609afabe6df297bf38cb92beabfe1bcaa0669c440d26cdafb7
kpatch-patch-3_10_0-957_80_1-1-4.el7.ppc64le.rpm
SHA-256: 8352232468ce818b2c2415f76dc9c57c72db85d6ff6903614c908953267804b5
kpatch-patch-3_10_0-957_80_1-debuginfo-1-4.el7.ppc64le.rpm
SHA-256: 920c026789652f01a5a120b3aeb35e163f783c56dee32c3f574dff0353ee0e29
kpatch-patch-3_10_0-957_84_1-1-3.el7.ppc64le.rpm
SHA-256: 224f2882307071b95c0dcaa4d006a4e6d111c6e24a5bfd58409949623647d1d7
kpatch-patch-3_10_0-957_84_1-debuginfo-1-3.el7.ppc64le.rpm
SHA-256: 1695caffd7391f46796994aee0b821f0fe49f1e1740c2e756bb7ac109297793d
kpatch-patch-3_10_0-957_86_1-1-2.el7.ppc64le.rpm
SHA-256: b17ad655cf35fb174e359b24f94adba3134faac2d0e7c1d0a8ff5de6a5d00c44
kpatch-patch-3_10_0-957_86_1-debuginfo-1-2.el7.ppc64le.rpm
SHA-256: a271c2e041dc1b1f4b6680ae69717aba04b0b3d0c818a38ee16ea4ef0d589885
kpatch-patch-3_10_0-957_88_1-1-1.el7.ppc64le.rpm
SHA-256: 4183dba3e3d1adbd720850340ca6332d5f0eeda2fbd7bbd79cf0e6645cb1864c
kpatch-patch-3_10_0-957_88_1-debuginfo-1-1.el7.ppc64le.rpm
SHA-256: 0cd3a5803fc30674d7b28b917589255ed74d5cc5e5d5c57e6f0757ad0c439909
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6
SRPM
kpatch-patch-3_10_0-957_72_1-1-6.el7.src.rpm
SHA-256: 6e3a49d0a6b21f378a1dbe8db833440b8ab726f6f8e162e3d82f4a5e7db0f31d
kpatch-patch-3_10_0-957_76_1-1-6.el7.src.rpm
SHA-256: 33c5f8977b0d5c198e801de13a13ed3c51c5eda2c197114e02f8593842de771e
kpatch-patch-3_10_0-957_78_2-1-5.el7.src.rpm
SHA-256: ee8d476fbefe25fe787a6becf21c077430166224449058f70100919d6d8261fd
kpatch-patch-3_10_0-957_80_1-1-4.el7.src.rpm
SHA-256: 20d71ed2877dd12d300be5c708c126f580412bccdd0ced856afc0d7340e5da43
kpatch-patch-3_10_0-957_84_1-1-3.el7.src.rpm
SHA-256: 1cbf0de25d80d9be2d6f7da2c1305c28fd050dedaf14817c4c0bd6894e4a180c
kpatch-patch-3_10_0-957_86_1-1-2.el7.src.rpm
SHA-256: 78614f8a84225bf253babc6e61000b0fee5d27151e8462b298cfb0a9a88d8d71
kpatch-patch-3_10_0-957_88_1-1-1.el7.src.rpm
SHA-256: 8482f4d80304bbfe6fa017ceb8e8c61388e5fe4fcfd015b421913b6dd2685ac6
x86_64
kpatch-patch-3_10_0-957_72_1-1-6.el7.x86_64.rpm
SHA-256: e9d3fbe2b7e752c2c8c76fbac510a0a04667a9b5c0558494769eea34e24bb51a
kpatch-patch-3_10_0-957_72_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: adf27d5ab7d222ab3a2a03c4714d6fd5cea544cfdd9744bf238f3c52d397d041
kpatch-patch-3_10_0-957_76_1-1-6.el7.x86_64.rpm
SHA-256: 259de8667caea2e6aa22a23382df8a729cc4f1cb16fb9ff5ba341a9cbdd28507
kpatch-patch-3_10_0-957_76_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 52b2b2f710e1eeb2467926bd0c0a8af95418dcf5ac18794cc9315309ee7cc752
kpatch-patch-3_10_0-957_78_2-1-5.el7.x86_64.rpm
SHA-256: f5417cf2a9303c0a10dcf370bb3373afb481a7d48ccf32e1c0c94880f06bf2e9
kpatch-patch-3_10_0-957_78_2-debuginfo-1-5.el7.x86_64.rpm
SHA-256: 2e4f20118f8650d1e3173ff02a509f235adf03184533a395f23a9ce1ec3bcb28
kpatch-patch-3_10_0-957_80_1-1-4.el7.x86_64.rpm
SHA-256: e2827133620135e98056f86919e784e9f1fd7a738566ef9dc575831dd2a79508
kpatch-patch-3_10_0-957_80_1-debuginfo-1-4.el7.x86_64.rpm
SHA-256: 04854da094f9390c37fc638a6de7c823758a460aab219f9d24fe5422a08170ff
kpatch-patch-3_10_0-957_84_1-1-3.el7.x86_64.rpm
SHA-256: 46a18e06ab644680ab9df9357901d8743b51106de58c175441a94910f204daf3
kpatch-patch-3_10_0-957_84_1-debuginfo-1-3.el7.x86_64.rpm
SHA-256: 0c4975619b561af95cce28dc11d6f5a08ffa743a8008f6d050854c4b948a9945
kpatch-patch-3_10_0-957_86_1-1-2.el7.x86_64.rpm
SHA-256: 0f56c25107d97f6571ade087cf1c6e2220ef4a5bc4f8890489370da527464a1d
kpatch-patch-3_10_0-957_86_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: e32f1949bea1600b460498255224aa765eebce7af98d5a41a25c888829e74d43
kpatch-patch-3_10_0-957_88_1-1-1.el7.x86_64.rpm
SHA-256: b27f804258482258f104df76ee869287f4657529b6a6fd296bdcf93c347c36c8
kpatch-patch-3_10_0-957_88_1-debuginfo-1-1.el7.x86_64.rpm
SHA-256: 704dad5ac80e1d35402207635d2fb49ef5ab6c174ed7eaa2a33c0b4aadda1ec2
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.