RHSA-2023:4215: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.
Red Hat Security Data

Issued: 2023-07-19

Updated: 2023-07-19

RHSA-2023:4215 - Security Advisory

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Server 7 x86_64
  • Red Hat Enterprise Linux for Power, little endian 7 ppc64le

Fixes

  • BZ - 2150999 - CVE-2022-3564 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c

Red Hat Enterprise Linux Server 7

SRPM

kpatch-patch-3_10_0-1160_81_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-1160_83_1-1-2.el7.src.rpm
kpatch-patch-3_10_0-1160_88_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_90_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_92_1-1-1.el7.src.rpm

x86_64

kpatch-patch-3_10_0-1160_81_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_81_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_83_1-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_83_1-debuginfo-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_88_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_88_1-debuginfo-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_90_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_90_1-debuginfo-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_92_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_92_1-debuginfo-1-1.el7.x86_64.rpm

Red Hat Enterprise Linux for Power, little endian 7

SRPM

kpatch-patch-3_10_0-1160_81_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-1160_83_1-1-2.el7.src.rpm
kpatch-patch-3_10_0-1160_88_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_90_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_92_1-1-1.el7.src.rpm

ppc64le

kpatch-patch-3_10_0-1160_81_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_81_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_83_1-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_83_1-debuginfo-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_88_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_88_1-debuginfo-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_90_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_90_1-debuginfo-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_92_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_92_1-debuginfo-1-1.el7.ppc64le.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
