Headline
RHSA-2023:1681: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- OpenShift Dev Spaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2023-04-10
Updated:
2023-04-10
RHSA-2023:1681 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Fixes
- BZ - 2159505 - CVE-2023-0386 kernel: FUSE filesystem low-privileged user privileges escalation
Red Hat Enterprise Linux for x86_64 9
SRPM
kpatch-patch-5_14_0-162_12_1-1-3.el9_1.src.rpm
SHA-256: 49afc2cd89257cc0e51ccb05dca5d617f5f93c2ed2c92ac2bcaf40dd6578522b
kpatch-patch-5_14_0-162_18_1-1-2.el9_1.src.rpm
SHA-256: 1b05e11614d4826212f2e6f53e6219f739aeb6b47e7494152fea7733e34c904a
kpatch-patch-5_14_0-162_22_2-1-1.el9_1.src.rpm
SHA-256: 89e8951458af7eed16e2b80b80a174fade77d763c9942e6168fbec12b82ce14f
kpatch-patch-5_14_0-162_6_1-1-4.el9_1.src.rpm
SHA-256: a19b68f71dfa839602f2e0d73b181dbe1c56927d37c3035871ad898df467b48e
x86_64
kpatch-patch-5_14_0-162_12_1-1-3.el9_1.x86_64.rpm
SHA-256: 33e805422d1a0cc45dd4877540de1fe4498f3184d70b208eda9c6c7a88c18b6d
kpatch-patch-5_14_0-162_12_1-debuginfo-1-3.el9_1.x86_64.rpm
SHA-256: f201b17acd5dc78b122a25964635d40f077e9ecad230d386c05ad224c6465cef
kpatch-patch-5_14_0-162_12_1-debugsource-1-3.el9_1.x86_64.rpm
SHA-256: c45a3e9a089834974a6a28b938af6229d825605f1bcdd897afd788d9f44a3f0b
kpatch-patch-5_14_0-162_18_1-1-2.el9_1.x86_64.rpm
SHA-256: 3364e30385a558e7d185a8b727b711461efbf41ca76bfcdcc61f89d1b69c298b
kpatch-patch-5_14_0-162_18_1-debuginfo-1-2.el9_1.x86_64.rpm
SHA-256: d7214d75933f95324f8b91d50d41b9dcc40160a00d74ef922d8f7f42de87fd74
kpatch-patch-5_14_0-162_18_1-debugsource-1-2.el9_1.x86_64.rpm
SHA-256: ad9cb8520c3553649a059e38fd3358e882cb394fa48b0a0cb1f54321b218cd3c
kpatch-patch-5_14_0-162_22_2-1-1.el9_1.x86_64.rpm
SHA-256: e531a7f89cdfa80f800db9ac8fa8ff7f9a3d5a2843ab3bade2d2d9519601383d
kpatch-patch-5_14_0-162_22_2-debuginfo-1-1.el9_1.x86_64.rpm
SHA-256: d3f7a39ab642b06878ee551d42bf4f372083ce998f981ce0741662d194a1a1eb
kpatch-patch-5_14_0-162_22_2-debugsource-1-1.el9_1.x86_64.rpm
SHA-256: 15cea3134166d949d297a038b5ab43b32059c2a043da96b536ccdfd88a32b699
kpatch-patch-5_14_0-162_6_1-1-4.el9_1.x86_64.rpm
SHA-256: b10b9e430a64d54ca6b7161821339da57e739736b2c6800f112d7678fdc12da1
kpatch-patch-5_14_0-162_6_1-debuginfo-1-4.el9_1.x86_64.rpm
SHA-256: 783c525338d8fe051c61b3e079e06f24f6e51059a066f7756b7df19fee7ee916
kpatch-patch-5_14_0-162_6_1-debugsource-1-4.el9_1.x86_64.rpm
SHA-256: c0c492496b892443757ec839fc21442877de87427d83089c9d415e7a1e43a40a
Red Hat Enterprise Linux for Power, little endian 9
SRPM
kpatch-patch-5_14_0-162_12_1-1-3.el9_1.src.rpm
SHA-256: 49afc2cd89257cc0e51ccb05dca5d617f5f93c2ed2c92ac2bcaf40dd6578522b
kpatch-patch-5_14_0-162_18_1-1-2.el9_1.src.rpm
SHA-256: 1b05e11614d4826212f2e6f53e6219f739aeb6b47e7494152fea7733e34c904a
kpatch-patch-5_14_0-162_22_2-1-1.el9_1.src.rpm
SHA-256: 89e8951458af7eed16e2b80b80a174fade77d763c9942e6168fbec12b82ce14f
kpatch-patch-5_14_0-162_6_1-1-4.el9_1.src.rpm
SHA-256: a19b68f71dfa839602f2e0d73b181dbe1c56927d37c3035871ad898df467b48e
ppc64le
kpatch-patch-5_14_0-162_12_1-1-3.el9_1.ppc64le.rpm
SHA-256: aa91c30f1769aa5ad4bde87e6784d10e82c84362f9974a30ec23a2ca64a2d87f
kpatch-patch-5_14_0-162_12_1-debuginfo-1-3.el9_1.ppc64le.rpm
SHA-256: 8c0280861e1b6bb501131e865f9c7e78489dba2b2dcd054d7a9f736bf039549e
kpatch-patch-5_14_0-162_12_1-debugsource-1-3.el9_1.ppc64le.rpm
SHA-256: b6049ea28a052c7e3a6d83f531880d177addaebc1803291f871f66e125887971
kpatch-patch-5_14_0-162_18_1-1-2.el9_1.ppc64le.rpm
SHA-256: 73440c14b14652db20b64c3aa45fd54afd77cee37427a4765488977fef8c069c
kpatch-patch-5_14_0-162_18_1-debuginfo-1-2.el9_1.ppc64le.rpm
SHA-256: e977b82541c6654711ad83440d68bbca0f7f55c7905b413fca22397a94d85324
kpatch-patch-5_14_0-162_18_1-debugsource-1-2.el9_1.ppc64le.rpm
SHA-256: 7d66ce1f82cb72047d617eeae7d1426892c0e89204636c6f256c20a67c9a6e03
kpatch-patch-5_14_0-162_22_2-1-1.el9_1.ppc64le.rpm
SHA-256: f47742476a93b5811bf6a0229ca298107eaf86ea2f4c9c94443a2d5df80aec5b
kpatch-patch-5_14_0-162_22_2-debuginfo-1-1.el9_1.ppc64le.rpm
SHA-256: b9632110f94ac3682dd8c41ba4bd01299f9658d55db8dbf596d48d92c402b61d
kpatch-patch-5_14_0-162_22_2-debugsource-1-1.el9_1.ppc64le.rpm
SHA-256: ffb9f4f8f0a462d59ae55920b36906f6887aa8fa75dde18686ae2781f221ecab
kpatch-patch-5_14_0-162_6_1-1-4.el9_1.ppc64le.rpm
SHA-256: 4e03dfdac1b4bca7434e95bfc81c706b9bc37a455c2c5b7d8f0501726d5a18f7
kpatch-patch-5_14_0-162_6_1-debuginfo-1-4.el9_1.ppc64le.rpm
SHA-256: a3ba84e2388c0080faa2005bf8bd8baf9cfa9d3148deb26d9b0d14b82196d02b
kpatch-patch-5_14_0-162_6_1-debugsource-1-4.el9_1.ppc64le.rpm
SHA-256: 66072a35c5e2b8005f14f13a0d2eded274da6a67e2ab88e931cfa6a46c6a5225
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
This Metasploit module exploit targets the Linux kernel bug in OverlayFS. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.
Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% of Ubuntu users. "The impacted Ubuntu versions are prevalent in the cloud as they serve as the default
It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
Debian Linux Security Advisory 5402-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Ubuntu Security Notice 6072-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6057-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3841: A Server-Side Request Forgery (SSRF) vulnerability was found in the console API endpoint from Red Hat Advanced Cluster Management for Kubernetes (RHACM). An attacker could take advantage of this as the console API endpoint is missing an authentication check, allowing unauth...
Red Hat Security Advisory 2023-1953-01 - Red Hat OpenShift Logging Subsystem 5.6.5 update. Issues addressed include cross site scripting and denial of service vulnerabilities.
Red Hat Security Advisory 2023-1980-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Red Hat Security Advisory 2023-1984-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on t...
Ubuntu Security Notice 6025-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23521: A flaw was found in Git, a distributed revision control system. When parsing gitattributes, a mechanism to allow defining attributes for paths, multiple integer overflows can occur when there is a huge number of path patterns, attributes for a single pattern, ...
Red Hat Security Advisory 2023-1660-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Red Hat Security Advisory 2023-1659-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4378: A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-0266: A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux So...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0266: A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak problem. * CVE...
Red Hat Security Advisory 2023-1584-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Red Hat Security Advisory 2023-1554-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4269: A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of se...
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4269: A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of...
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0266: A use-after-free flaw was found in the ALSA subsystem in sound/core/control.c in the Linux kernel. This flaw allows a local attacker to cause a use-after-free issue. * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux...
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.