Headline
RHSA-2023:1470: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-4269: A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action “mirred”) a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.
- CVE-2022-4744: A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.
- CVE-2023-0266: A use-after-free flaw was found in the ALSA subsystem in sound/core/control.c in the Linux kernel. This flaw allows a local attacker to cause a use-after-free issue.
Synopsis
Important: kernel security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744)
- ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)
- kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- RHEL9.0 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127880)
- Cgroups_v2, when creating new cgroup/container, resets the cpu affinity masks for all usr processes on the system. (BZ#2143766)
- RHEL9.0 - boot: Add secure boot trailer (BZ#2151528)
- kernel-rt-debug: WARNING: possible circular locking dependency detected (&n->list_lock->&p->pi_lock->&lock->wait_lock) (BZ#2160614)
- Support cpuset.sched_load_balance by changing default CPUset directory structure (BZ#2161105)
- RHEL9.0 - s390/kexec: fix ipl report address for kdump (BZ#2166903)
- libgpiod doesn’t seem to work with Interphase gpiochip (BZ#2166956)
- Azure RHEL9 scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM (BZ#2170227)
Enhancement(s):
- IBM 9.2 FEAT: Upgrade the QETH driver to latest from upstream, e.g. kernel 6.0 (BZ#2166304)
- Intel 9.2 FEAT SPR CPU: AMX: Improve the init_fpstate setup code (BZ#2168382)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 9 x86_64
- Red Hat Enterprise Linux for IBM z Systems 9 s390x
- Red Hat Enterprise Linux for Power, little endian 9 ppc64le
- Red Hat Enterprise Linux for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for x86_64 9 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
- Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
- Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
Fixes
- BZ - 2150272 - CVE-2022-4269 kernel: net: CPU soft lockup in TC mirred egress-to-ingress action
- BZ - 2156322 - CVE-2022-4744 kernel: tun: avoid double free in tun_free_netdev
- BZ - 2163379 - CVE-2023-0266 ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF
Red Hat Enterprise Linux for x86_64 9
SRPM
kernel-5.14.0-162.22.2.el9_1.src.rpm
SHA-256: b64671f21360e8d6f2f07a4cb69a4bf13b3c7bbecb6af93cbeb93a033259316b
x86_64
bpftool-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 48fd6b3be34bb93471319f390afa9dd785a1b3eae3a3b1a627071c4e888f3a0c
bpftool-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 3bbccc9104484ae16dd28b3f846d442bc378c9c7ae63a018b78020d762eba07b
bpftool-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 3bbccc9104484ae16dd28b3f846d442bc378c9c7ae63a018b78020d762eba07b
kernel-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 38fc63f822b322575ec308b6ebd1f85684d81b472cf9f432e4166fd678a0e79c
kernel-abi-stablelists-5.14.0-162.22.2.el9_1.noarch.rpm
SHA-256: 3b0eafac09f2d5691e2c801476d23bb34dc0ed8b908f552c2af8d66ea38bab6d
kernel-core-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 8ec9f7d8b2b6033ab67d32201ecb5df4aa791fb9d7c8a1357d790793c76bf027
kernel-debug-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: a9fed5eb1c8773ad3577ae253efd66c35623e3d9622493a54b1b2eed0d76961a
kernel-debug-core-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 324db0fd7525a0f07c05ca3decf4cb9a796e60094274fa72a5a453c578f1f064
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: e1f2c77c14fc52f5680a9a6c6ecd4b3e93434752ad2c91f07df13a9c7361c5a1
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: e1f2c77c14fc52f5680a9a6c6ecd4b3e93434752ad2c91f07df13a9c7361c5a1
kernel-debug-devel-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: a06fa21628667c1fa9de19195c8e608b637304baa560e8393307b7135dcfc403
kernel-debug-devel-matched-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: a8b8a027fb406c58a594455faaf1fa96464a8d7edce4f036bd2783d61c61cc02
kernel-debug-modules-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: bce6728eb3f34293850745b320bd96c7c8c74acaeb7019b2e67419e31a76ba2c
kernel-debug-modules-extra-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 329807e81f7d692a4f853ae05066bfdf15012982ffd2a805261d6c09da1d2c26
kernel-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 2cd202fc56cb04217f1a1de5c6cb45f479c52edcd9d5f6322ec10f4bcdb5a009
kernel-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 2cd202fc56cb04217f1a1de5c6cb45f479c52edcd9d5f6322ec10f4bcdb5a009
kernel-debuginfo-common-x86_64-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 79867ddda6453536a4d4c01d5c2311ae95e0c4b6b57bcceddb0bf23597eefa6e
kernel-debuginfo-common-x86_64-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 79867ddda6453536a4d4c01d5c2311ae95e0c4b6b57bcceddb0bf23597eefa6e
kernel-devel-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 8ba8b6922cb1f2e5bc389e6b5eff6ce1ac8913e56b9d22b50d34d22b30f5b037
kernel-devel-matched-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 491d7dbe0dbfcf95b5f7388e079028645a6670b65d779f3ac53234e540eb34dd
kernel-doc-5.14.0-162.22.2.el9_1.noarch.rpm
SHA-256: 2b39b757554c3bb77c10a9038ab2cdaea81e8a7f944306dc69caf854335b86be
kernel-headers-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: f662a1a6586f314c3758b7a114902b96e3875ed608c1a6528d12da1c71c184da
kernel-modules-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 690214fabd6cf95d42919636311f362c80abf8f852a666a8a43ba24ae8282dc5
kernel-modules-extra-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 2483523e96f4b6bf501d0dc040efaec93c6b2a1d192f3d8f8acdf71a021d9134
kernel-tools-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 29f41e64f5403fd82a4c909d970840ecd6c024ecf30c2b6da3b0d00772d6e49d
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 28f035d60fdb7babe51f3e55a25bf605b6ec303b54dbd1157acac90d5a1bb3aa
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 28f035d60fdb7babe51f3e55a25bf605b6ec303b54dbd1157acac90d5a1bb3aa
kernel-tools-libs-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: a994a6ed471cf69c0fa1e7e5db5bc746a75c2e3ef633404ecc7f8e55c2b917bd
perf-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 84ea8e752b9e02d67fa9fde6cdfbfa8e852c163316574bd7ed4b6d0271078768
perf-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 9c761133d8b2cbb807246ec596774152edeb109eaf09db7b9d2775c243d1fb04
perf-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 9c761133d8b2cbb807246ec596774152edeb109eaf09db7b9d2775c243d1fb04
python3-perf-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 294726cb822f1f2bef782092c2b676a0fdf8d401139e709d030960e4bd64f36d
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 200663e31fc89db231e8715ee04999d599a3d6ba31cbda4e10aec1931d6b5d78
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 200663e31fc89db231e8715ee04999d599a3d6ba31cbda4e10aec1931d6b5d78
Red Hat Enterprise Linux for IBM z Systems 9
SRPM
kernel-5.14.0-162.22.2.el9_1.src.rpm
SHA-256: b64671f21360e8d6f2f07a4cb69a4bf13b3c7bbecb6af93cbeb93a033259316b
s390x
bpftool-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 33201199e776aae093cc09fb12d5e510736577939505f138897dbc8a4a4ca108
bpftool-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 69e67e92767beda86a17cc0b86978f9f3dd8ecc6745431d8ee62c962e7c2a7cf
bpftool-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 69e67e92767beda86a17cc0b86978f9f3dd8ecc6745431d8ee62c962e7c2a7cf
kernel-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 0cf1d9cad7e31167815401bcdadfd0aee18961c26523557db2329d0472fd37a9
kernel-abi-stablelists-5.14.0-162.22.2.el9_1.noarch.rpm
SHA-256: 3b0eafac09f2d5691e2c801476d23bb34dc0ed8b908f552c2af8d66ea38bab6d
kernel-core-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: ffa4e664504380c8c0e2fc024d78410a1ac97171dde1e51bb4f54ea93ddcf497
kernel-debug-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 0205b2e6dcb4e1dd26a642e1685248b7e49e05d9705f487aae10a6249b197760
kernel-debug-core-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: a3dd913b63d2f86b0b55cdaea92c524701d921f14a65b9f9e2d843fdee13d8fd
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: f56eacfde6493a10268e812e9fc4807c7eabef79fed6173ff401be5b2667e48f
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: f56eacfde6493a10268e812e9fc4807c7eabef79fed6173ff401be5b2667e48f
kernel-debug-devel-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: b4be206d30f7d5efa698b983f05299268d1a4f2963b61295b992bad6368706b3
kernel-debug-devel-matched-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 6fa89762efed0c78effffe289bb1f389234e1eef7c70b118043cba3c3a985501
kernel-debug-modules-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: ad809c4ad3571d31d8fd1fdaecf5d637831daafceebe52a6e24e2afdb8bef711
kernel-debug-modules-extra-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 8ffec8bb8ab82059f09d322615196a1ee34ea3787182ea808ded508394fec796
kernel-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: b0d9b8ba9ba9504676a983fe858b71790364d63e005a6372bf72d5c2bffd792e
kernel-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: b0d9b8ba9ba9504676a983fe858b71790364d63e005a6372bf72d5c2bffd792e
kernel-debuginfo-common-s390x-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 2a4415a9709176a8ed625f4b1982a8a87b9003d3e5e5d674d0f9f6af8628059e
kernel-debuginfo-common-s390x-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 2a4415a9709176a8ed625f4b1982a8a87b9003d3e5e5d674d0f9f6af8628059e
kernel-devel-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 284e30e12c8fb7cc9bcf809eb1027f719862d9349666630c23f884a310371ba4
kernel-devel-matched-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: b25327ce96a85e8c40b6ecc37ab6e0c037e41795ff1bcda2e06a6af2bca50a7e
kernel-doc-5.14.0-162.22.2.el9_1.noarch.rpm
SHA-256: 2b39b757554c3bb77c10a9038ab2cdaea81e8a7f944306dc69caf854335b86be
kernel-headers-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: aaa23f20ad83997dd8befb2d46643dafcd398eae3fa6ac6f8a75d20bd8513374
kernel-modules-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 5baf814ffd8bfbfc1994385e41143dcf26be8823d6586f4d0bfd51e4aa37e289
kernel-modules-extra-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 891e858463076804695166bd4c90edb026dde800b2025c52ee8f8cd31a681f03
kernel-tools-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 1411a6b1daab63808e538aa235e1f1f0849ce676c98169e938615d10cea83671
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 1b95e4b2d5b8dbd2276466461acbbf7f9c983865853dc7d5550de18d03fcc55f
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 1b95e4b2d5b8dbd2276466461acbbf7f9c983865853dc7d5550de18d03fcc55f
kernel-zfcpdump-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: a86f5663ceff49aab198a7eee3b30120b0cb9a0acb2a7b94222470e13352f4dc
kernel-zfcpdump-core-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 445c669811fe2df7b11c9c9b2e7285276ba36d551e5a640e2675c73443d08b61
kernel-zfcpdump-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 1130e19e4fe36f12a17e98d5b8ae134faea1328fed32feabe3281dd9704a78f0
kernel-zfcpdump-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 1130e19e4fe36f12a17e98d5b8ae134faea1328fed32feabe3281dd9704a78f0
kernel-zfcpdump-devel-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 66f939711114a416fffdb236f1ca94ae7fffac316a8b8cb5ed1c91f83109cc6a
kernel-zfcpdump-devel-matched-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 17e6b0aad48224e346f778b844b1f3719a4e2e72fd9881cfae04c18a981717cc
kernel-zfcpdump-modules-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 7ae260ed2046dec3d0f25b2fe38def2370e3ed48383332cefd7b223207549fd0
kernel-zfcpdump-modules-extra-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 4e175aefd0bff51eaa04b23da36f5ff8a1ce68c1d3aafa8fd04c1c6309dfa3d6
perf-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 0faf84aa5bf0a4379ce6dd42372de145600f664b7b341b65ec477ff698f70303
perf-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 8a8e1444062b3f9ffd82f88859c09cb621bd4cf041866ea8e5c6a0e460552bb1
perf-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 8a8e1444062b3f9ffd82f88859c09cb621bd4cf041866ea8e5c6a0e460552bb1
python3-perf-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: c7835ae94b3192734c88e1e43803ba820a24ebeb2d052630aa5a1ddf6053c608
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 2b8039b0f9645b83b7471db2324d2c4cc490599c49e0bc0914cfc9ac863b0c96
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 2b8039b0f9645b83b7471db2324d2c4cc490599c49e0bc0914cfc9ac863b0c96
Red Hat Enterprise Linux for Power, little endian 9
SRPM
kernel-5.14.0-162.22.2.el9_1.src.rpm
SHA-256: b64671f21360e8d6f2f07a4cb69a4bf13b3c7bbecb6af93cbeb93a033259316b
ppc64le
bpftool-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 2ad70ed10a556d6fe795c9d8981819ba4ce947767cdd3c8a183253954a0cc40b
bpftool-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 43a381e7000a7a399cd56b49aa211ca0b0aada46aab84b5bac077b5ada11a6c4
bpftool-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 43a381e7000a7a399cd56b49aa211ca0b0aada46aab84b5bac077b5ada11a6c4
kernel-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 875849ccdf7c4558b6672edb4fc8dabc620495ab5c45041440d41d83efa6f218
kernel-abi-stablelists-5.14.0-162.22.2.el9_1.noarch.rpm
SHA-256: 3b0eafac09f2d5691e2c801476d23bb34dc0ed8b908f552c2af8d66ea38bab6d
kernel-core-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: c2dcd04fe3f8766d65493b8218bb2a1281c9c30326b2d447f4b5e3f53cc605e1
kernel-debug-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 28cc7dec0a6c1470b2351d8cb00e8afa789aae07276331b207facd4e68dbf63f
kernel-debug-core-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 323a3f1ce850aa7dd1a0903e83210fadc19d93dba6150fe9ef62ba6bb3b545cb
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 30e7334a047008a337fe689d4a9fef0ee116a318c245abce65e1be6ccf7add10
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 30e7334a047008a337fe689d4a9fef0ee116a318c245abce65e1be6ccf7add10
kernel-debug-devel-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: a276815da72339605d7d4ea376a7b46e6fd807fc6e50c261803a106f9f98a825
kernel-debug-devel-matched-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 7c10778a34aa081a5f3499d54a1acad1e98c2d17323380f35d61cad81be1ecce
kernel-debug-modules-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 9992fdc789b0a0b1cfc8b97d2fab22e364c6741a63e189b08e4a3ce2909d5f1f
kernel-debug-modules-extra-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: da924095c63ff7434633339d95657daee7402996489427a230fd35007a7bf554
kernel-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: ffe7db9bfefb13496daff7211637c20642ef96d5b2069b5f75be3564404295f4
kernel-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: ffe7db9bfefb13496daff7211637c20642ef96d5b2069b5f75be3564404295f4
kernel-debuginfo-common-ppc64le-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: ae8b32853ec943c245e68b499dfb1e4c35066e81431d3fe02e5a545ea53a76f3
kernel-debuginfo-common-ppc64le-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: ae8b32853ec943c245e68b499dfb1e4c35066e81431d3fe02e5a545ea53a76f3
kernel-devel-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 89b7fb1422421ab67adcaf9a2567fd618e43e7c8e7f313251cdb7f8031d51971
kernel-devel-matched-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 54755d571773e3462cf9662b210e6ad1f8833bcde01026234d9d460e3cf74598
kernel-doc-5.14.0-162.22.2.el9_1.noarch.rpm
SHA-256: 2b39b757554c3bb77c10a9038ab2cdaea81e8a7f944306dc69caf854335b86be
kernel-headers-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 231c610a0f2452fb13b79792894ec3bb08a8424b6535849cd8e18c00587f87e1
kernel-modules-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: be951a5277147ee99fba2d5b85fc5eb804cf88c6f102cb8a58686fc42ff876ef
kernel-modules-extra-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 4ec65c0c29051d97478eb0b259d273b928ae0a0aaa6457fcff8c25653a13ab02
kernel-tools-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 3acd070fc60cc79922ecff069013af3d02ceffd1f276c7e956fdba64bf188f3f
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 830512dffaa6917cc735c78d07aa097f1826aacc82043281c87a07b7ac24339f
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 830512dffaa6917cc735c78d07aa097f1826aacc82043281c87a07b7ac24339f
kernel-tools-libs-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: b12a771cda7455b7a06b713a8c365652515d594b7df992f82f75bf7f916221d6
perf-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 53bbddd510ffc701efdc0c39d7180b934cbf5ecef946951d123c6f3dd44e32fe
perf-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: fdc3e3f59a71fc8fdf12283906ca30e8ae237ffe74afb0ab51ef2d1dc34e2ba1
perf-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: fdc3e3f59a71fc8fdf12283906ca30e8ae237ffe74afb0ab51ef2d1dc34e2ba1
python3-perf-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: b508255a632d99afd374dbf22079467ea71233ae184413fa201fe4a32eb66238
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: c8ad94f2d44231fcb48d7899e5f8bae611491533ebc934ce655fca0eaeacc7bc
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: c8ad94f2d44231fcb48d7899e5f8bae611491533ebc934ce655fca0eaeacc7bc
Red Hat Enterprise Linux for ARM 64 9
SRPM
kernel-5.14.0-162.22.2.el9_1.src.rpm
SHA-256: b64671f21360e8d6f2f07a4cb69a4bf13b3c7bbecb6af93cbeb93a033259316b
aarch64
bpftool-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 31389cf37e0b93c9e1db08d3b9267a65123f6dc253707501a9582550d272096e
bpftool-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 99105fbacbe018ec3b8518eaf7ab4f6e049a4d5a6331e92ec9673e9b8d9db3c7
bpftool-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 99105fbacbe018ec3b8518eaf7ab4f6e049a4d5a6331e92ec9673e9b8d9db3c7
kernel-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: c6d2816b25e33b755a4ec0d9722da424d0fb24f51cb3a7e07848f5d34eabcf4c
kernel-abi-stablelists-5.14.0-162.22.2.el9_1.noarch.rpm
SHA-256: 3b0eafac09f2d5691e2c801476d23bb34dc0ed8b908f552c2af8d66ea38bab6d
kernel-core-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 45e2604e1229b15d779ab5015ce56330ec5fc0ed9ca0b7c42ed93d20cf092a23
kernel-debug-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: c0fa2330c37d0757f4025324890104198e16f623561bc542467433dbd2cf897e
kernel-debug-core-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 49cdf6274882b549ebff470ad6c09a6d3e65bc3f81403a863d38f3a6da180cd3
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: b1e896e19562c00fc9850acc9de8ffbbf6584910bd8beb8642bfecf0a6295d46
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: b1e896e19562c00fc9850acc9de8ffbbf6584910bd8beb8642bfecf0a6295d46
kernel-debug-devel-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 65987fd586c62ea604b366fa2517b35f244d93289cfcb0d1772e2fcf7d3d399d
kernel-debug-devel-matched-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 8dad37190587eedb1daf52bec1d743f01b7b37d078360133194dc2a2b9a28c97
kernel-debug-modules-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 30078adbc02f3a97e2a626c7f1e1d10df52b0e10daf29f8e3fa659e3929f46bc
kernel-debug-modules-extra-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 1abb0e5f91047b69004593cd57d0e1666c96f1a7e390745b8644186990bf2416
kernel-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: c03b3300e88f99323f3d883252fb7dff6965e8e31ffa9aa2c6790b7d3238fbed
kernel-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: c03b3300e88f99323f3d883252fb7dff6965e8e31ffa9aa2c6790b7d3238fbed
kernel-debuginfo-common-aarch64-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: dfa910320ea0be8a290627c88014a48387f9f3b6b7d36ab2f3729c362010e854
kernel-debuginfo-common-aarch64-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: dfa910320ea0be8a290627c88014a48387f9f3b6b7d36ab2f3729c362010e854
kernel-devel-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: f24696e8b47048a3adf785b54c6e1f912d44be29a93ca35eebe1e94a7fa95c77
kernel-devel-matched-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: f171e0cff3c612daa251f77790c1cf6cf2128d73bbe91b42c9306fc2ae703794
kernel-doc-5.14.0-162.22.2.el9_1.noarch.rpm
SHA-256: 2b39b757554c3bb77c10a9038ab2cdaea81e8a7f944306dc69caf854335b86be
kernel-headers-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: dfad72c6e64947b8158d4720974d01455be75e0c07e0f0ccc8c8b0b8299871a6
kernel-modules-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: bb36d083ef15ecd813b3e03a1007aa2503eb0e8f776b15e4904bde545504b067
kernel-modules-extra-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: be588e528ef8065eaee18c542c15cef8b58572c4db99d25540d30371e27cbc51
kernel-tools-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 4b5bd9f8f5fae8690c941e3e41260e218f5dc060d4bf5c662c9dbcebf548883d
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 68b19828908ddeab783dc95fabf98ade274f65b7f1eefe80b8a90657271a5535
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 68b19828908ddeab783dc95fabf98ade274f65b7f1eefe80b8a90657271a5535
kernel-tools-libs-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 6203fed4234d6da4a857ed9429466fdb86c5ebc53b0e6047819dc9145e8c4206
perf-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 8232b4281683c117cab0cd6f7e28478ee4fbc58536e2ce04ddc885eb4f0319fc
perf-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: fbf48b802ee8a080363e1b4b486abcb6dc0a36a0601fe92bb8f1c0f4105dca56
perf-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: fbf48b802ee8a080363e1b4b486abcb6dc0a36a0601fe92bb8f1c0f4105dca56
python3-perf-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 5471cf78085dc8e2160dfeae8fc81fc370bed199ccdf2b0bd26c7e8ce793cd7c
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 49d44728f8adca5668b73aae7a722aabf0b1bba980e45b2184a8edb33b4bcf44
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 49d44728f8adca5668b73aae7a722aabf0b1bba980e45b2184a8edb33b4bcf44
Red Hat CodeReady Linux Builder for x86_64 9
SRPM
x86_64
bpftool-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 3bbccc9104484ae16dd28b3f846d442bc378c9c7ae63a018b78020d762eba07b
kernel-cross-headers-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: eaadc85a9227eb934870d045545b856df732aa9ed1289a72c0543c0682b56795
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: e1f2c77c14fc52f5680a9a6c6ecd4b3e93434752ad2c91f07df13a9c7361c5a1
kernel-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 2cd202fc56cb04217f1a1de5c6cb45f479c52edcd9d5f6322ec10f4bcdb5a009
kernel-debuginfo-common-x86_64-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 79867ddda6453536a4d4c01d5c2311ae95e0c4b6b57bcceddb0bf23597eefa6e
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 28f035d60fdb7babe51f3e55a25bf605b6ec303b54dbd1157acac90d5a1bb3aa
kernel-tools-libs-devel-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 8bcade1e964e5bc2cdac0b6f4120b247906a2c35b92ba6fad453b18a00ffece0
perf-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 9c761133d8b2cbb807246ec596774152edeb109eaf09db7b9d2775c243d1fb04
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.x86_64.rpm
SHA-256: 200663e31fc89db231e8715ee04999d599a3d6ba31cbda4e10aec1931d6b5d78
Red Hat CodeReady Linux Builder for Power, little endian 9
SRPM
ppc64le
bpftool-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 43a381e7000a7a399cd56b49aa211ca0b0aada46aab84b5bac077b5ada11a6c4
kernel-cross-headers-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 4928337658b89d390a415d0df46b3ed4f16a64df74c2d479bd8fcaf1cdd70222
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 30e7334a047008a337fe689d4a9fef0ee116a318c245abce65e1be6ccf7add10
kernel-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: ffe7db9bfefb13496daff7211637c20642ef96d5b2069b5f75be3564404295f4
kernel-debuginfo-common-ppc64le-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: ae8b32853ec943c245e68b499dfb1e4c35066e81431d3fe02e5a545ea53a76f3
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: 830512dffaa6917cc735c78d07aa097f1826aacc82043281c87a07b7ac24339f
kernel-tools-libs-devel-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: fae33c61fdb3dbe9fc86b322618bceefdac174892793880ccc03c7dc85679d62
perf-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: fdc3e3f59a71fc8fdf12283906ca30e8ae237ffe74afb0ab51ef2d1dc34e2ba1
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.ppc64le.rpm
SHA-256: c8ad94f2d44231fcb48d7899e5f8bae611491533ebc934ce655fca0eaeacc7bc
Red Hat CodeReady Linux Builder for ARM 64 9
SRPM
aarch64
bpftool-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 99105fbacbe018ec3b8518eaf7ab4f6e049a4d5a6331e92ec9673e9b8d9db3c7
kernel-cross-headers-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: ce2bdc74e398ad3a372bb3524a058ffaedf15edd493eb459afa23c027c191495
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: b1e896e19562c00fc9850acc9de8ffbbf6584910bd8beb8642bfecf0a6295d46
kernel-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: c03b3300e88f99323f3d883252fb7dff6965e8e31ffa9aa2c6790b7d3238fbed
kernel-debuginfo-common-aarch64-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: dfa910320ea0be8a290627c88014a48387f9f3b6b7d36ab2f3729c362010e854
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 68b19828908ddeab783dc95fabf98ade274f65b7f1eefe80b8a90657271a5535
kernel-tools-libs-devel-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: d9a89716c83359c3cf28186dd6592227b6a1b9f73d88c24731750e4047d80eba
perf-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: fbf48b802ee8a080363e1b4b486abcb6dc0a36a0601fe92bb8f1c0f4105dca56
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.aarch64.rpm
SHA-256: 49d44728f8adca5668b73aae7a722aabf0b1bba980e45b2184a8edb33b4bcf44
Red Hat CodeReady Linux Builder for IBM z Systems 9
SRPM
s390x
bpftool-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 69e67e92767beda86a17cc0b86978f9f3dd8ecc6745431d8ee62c962e7c2a7cf
kernel-cross-headers-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: a35e183b9e1e88e9697e2064ca3a5a7aa5a2d60c120764a7a5d176ea4307c018
kernel-debug-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: f56eacfde6493a10268e812e9fc4807c7eabef79fed6173ff401be5b2667e48f
kernel-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: b0d9b8ba9ba9504676a983fe858b71790364d63e005a6372bf72d5c2bffd792e
kernel-debuginfo-common-s390x-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 2a4415a9709176a8ed625f4b1982a8a87b9003d3e5e5d674d0f9f6af8628059e
kernel-tools-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 1b95e4b2d5b8dbd2276466461acbbf7f9c983865853dc7d5550de18d03fcc55f
kernel-zfcpdump-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 1130e19e4fe36f12a17e98d5b8ae134faea1328fed32feabe3281dd9704a78f0
perf-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 8a8e1444062b3f9ffd82f88859c09cb621bd4cf041866ea8e5c6a0e460552bb1
python3-perf-debuginfo-5.14.0-162.22.2.el9_1.s390x.rpm
SHA-256: 2b8039b0f9645b83b7471db2324d2c4cc490599c49e0bc0914cfc9ac863b0c96
Related news
Red Hat Security Advisory 2023-7077-01 - An update for kernel is now available for Red Hat Enterprise Linux 8. Issues addressed include buffer overflow, denial of service, double free, information leakage, memory leak, null pointer, out of bounds access, out of bounds write, and use-after-free vulnerabilities.
Ubuntu Security Notice 6347-1 - William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 6331-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.
Ubuntu Security Notice 6314-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.
Debian Linux Security Advisory 5480-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
Ubuntu Security Notice 6284-1 - It was discovered that the netlink implementation in the Linux kernel did not properly validate policies when parsing attributes in some situations. An attacker could use this to cause a denial of service. Billy Jheng Bing Jhong discovered that the CIFS network file system implementation in the Linux kernel did not properly validate arguments to ioctl in some situations. A local attacker could possibly use this to cause a denial of service.
Ubuntu Security Notice 6186-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6175-1 - Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Gwangun Jung discovered that the Quick Fair Queueing scheduler implementation in the Linux kernel contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of this vulnerability may affect device confidentiality.
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26341: A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches. * CVE-2021-33655: An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to c...
Red Hat Advanced Cluster Management for Kubernetes 2.5.8 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.
Red Hat Security Advisory 2023-2083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Issues addressed include denial of service and server-side request forgery vulnerabilities.
Red Hat Security Advisory 2023-1953-01 - Red Hat OpenShift Logging Subsystem 5.6.5 update. Issues addressed include cross site scripting and denial of service vulnerabilities.
Ubuntu Security Notice 6033-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.
Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.
Red Hat Security Advisory 2023-1662-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0266: A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. In this flaw a normal privileged, local attacker may impact the system due to a locking issue in the compat path, leading to a kernel information leak problem. * CVE...
Red Hat Security Advisory 2023-1557-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4269: A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of...
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw al...
A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.
By Habiba Rashid Google's Threat Analysis Group (TAG) labeled the spyware campaign as limited but highly targeted. This is a post from HackRead.com Read the original post: Google reveals spyware attack on Android, iOS, and Chrome
Red Hat Security Advisory 2023-1392-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.55.
Ubuntu Security Notice 5979-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service.
Red Hat Security Advisory 2023-1470-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a double free vulnerability.
Red Hat Security Advisory 2023-1468-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a double free vulnerability.
Red Hat Security Advisory 2023-1467-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a double free vulnerability.
Red Hat Security Advisory 2023-1469-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a double free vulnerability.
Red Hat Security Advisory 2023-1471-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a double free vulnerability.
An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4744: A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4744: A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4744: A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system. * CVE-2023-0266: A use-after-free flaw was found in the...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4269: A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-4744: A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.
Ubuntu Security Notice 5970-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a race condition existed in the Xen network backend driver in the Linux kernel when handling dropped packets in certain circumstances. An attacker could use this to cause a denial of service.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges. * CVE-2022-4378: A stack ove...
Ubuntu Security Notice 5951-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.
Red Hat Security Advisory 2023-1221-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-1202-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, integer overflow, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-1220-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include a use-after-free vulnerability.
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges. * CVE-2022-4269: A flaw was found ...
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges. * CVE-2022-4269: A flaw was fou...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges. * CVE-2022-4269: A flaw was fou...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges. * CVE-2022-4269: A flaw was fou...
Ubuntu Security Notice 5940-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.
Red Hat Security Advisory 2023-1130-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include null pointer and use-after-free vulnerabilities.
Ubuntu Security Notice 5934-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 5927-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2964: A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes. * CVE-2022-4269: A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking co...
Ubuntu Security Notice 5917-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5915-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e
A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.
A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of service condition.