RHSA-2023:0396: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device.
Issued: 2023-01-24
Updated: 2023-01-24
RHSA-2023:0396 - Security Advisory
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.
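The following Python is an added example, not part of Red Hat's advisory: it derives the target kernel release from the kpatch-patch package file names listed in this advisory and classifies a host by its running kernel and installed live patch. The function names, status strings and sample hosts are assumptions, and comparing version-release as integers is a simplification of RPM's own version comparison.

```python
import re

# x86_64 binary package file names copied from this advisory
# (debuginfo/debugsource packages omitted).
ADVISORY_RPMS = [
    "kpatch-patch-4_18_0-193_87_1-1-3.el8_2.x86_64.rpm",
    "kpatch-patch-4_18_0-193_90_1-1-3.el8_2.x86_64.rpm",
    "kpatch-patch-4_18_0-193_91_1-1-3.el8_2.x86_64.rpm",
    "kpatch-patch-4_18_0-193_93_1-1-2.el8_2.x86_64.rpm",
    "kpatch-patch-4_18_0-193_95_1-1-1.el8_2.x86_64.rpm",
]

# kpatch-patch-<kernel version>-<kernel release>-<patch version>-<patch release>
# .<dist>.<arch>.rpm, with the dots of the kernel fields written as underscores.
RPM_RE = re.compile(
    r"^kpatch-patch-(?P<kver>\d+(?:_\d+)*)-(?P<krel>\d+(?:_\d+)*)"
    r"-(?P<version>\d+)-(?P<release>\d+)\.(?P<dist>[^.]+)\.(?P<arch>[^.]+)\.rpm$"
)


def parse_kpatch_rpm(filename):
    """Return (kernel release in `uname -r` form, (patch version, patch release))."""
    m = RPM_RE.match(filename)
    if m is None:
        return None  # debuginfo/debugsource or an unrelated package
    kernel = "{}-{}.{}.{}".format(
        m["kver"].replace("_", "."), m["krel"].replace("_", "."),
        m["dist"], m["arch"])
    return kernel, (int(m["version"]), int(m["release"]))


def advisory_coverage(filenames):
    """Map each kernel release to the patch version-release this advisory ships."""
    return dict(p for p in map(parse_kpatch_rpm, filenames) if p)


def assess(running_kernel, installed_patch, coverage):
    """Classify a host (hypothetical status names).

    running_kernel:  output of `uname -r` on the host.
    installed_patch: (version, release) of the kpatch-patch package installed
                     for that kernel, or None when none is installed.
    """
    fixed = coverage.get(running_kernel)
    if fixed is None:
        return "not-covered"     # this advisory has no live patch for the kernel
    if installed_patch is None:
        return "patch-missing"   # covered kernel, live patch not installed
    if installed_patch < fixed:
        return "patch-outdated"  # older live patch than the one shipped here
    return "patched"


if __name__ == "__main__":
    cov = advisory_coverage(ADVISORY_RPMS)
    # Constructed sample hosts, not real inventory data.
    hosts = [
        ("4.18.0-193.93.1.el8_2.x86_64", (1, 1)),
        ("4.18.0-193.95.1.el8_2.x86_64", (1, 1)),
        ("4.18.0-193.87.1.el8_2.x86_64", None),
        ("4.18.0-193.80.1.el8_2.x86_64", None),
    ]
    for kernel, patch in hosts:
        print(kernel, patch, assess(kernel, patch, cov))
```

A "not-covered" result only means this advisory ships no live patch for that kernel; whether that kernel already contains the fix has to be checked against the corresponding kernel advisory.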
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.src.rpm
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.src.rpm
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.src.rpm
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.src.rpm
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.src.rpm
ppc64le
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_87_1-debuginfo-1-3.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_87_1-debugsource-1-3.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_90_1-debuginfo-1-3.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_90_1-debugsource-1-3.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_91_1-debuginfo-1-3.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_91_1-debugsource-1-3.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_93_1-debuginfo-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_93_1-debugsource-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_95_1-debuginfo-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_95_1-debugsource-1-1.el8_2.ppc64le.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.src.rpm
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.src.rpm
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.src.rpm
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.src.rpm
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.src.rpm
x86_64
kpatch-patch-4_18_0-193_87_1-1-3.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_87_1-debuginfo-1-3.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_87_1-debugsource-1-3.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_90_1-1-3.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_90_1-debuginfo-1-3.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_90_1-debugsource-1-3.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_91_1-1-3.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_91_1-debuginfo-1-3.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_91_1-debugsource-1-3.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_93_1-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_93_1-debuginfo-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_93_1-debugsource-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_95_1-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_95_1-debuginfo-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_95_1-debugsource-1-1.el8_2.x86_64.rpm
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
CVE-2022-2964: A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.