RHSA-2023:4215: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-3564: A use-after-free flaw was found in the Linux kernel's L2CAP Bluetooth functionality: a user can trigger a race condition with two malicious flows in L2CAP Bluetooth packets. This flaw allows a local or Bluetooth-connected user to crash the system or potentially escalate privileges.
Issued: 2023-07-19
Updated: 2023-07-19
RHSA-2023:4215 - Security Advisory
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
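As an added example (not part of Red Hat's advisory or tooling), the script below maps a kernel release string to the kpatch-patch package name used in this advisory's package list and compares an installed build against the version-release the advisory ships. The function names and status words are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not Red Hat tooling): does RHSA-2023:4215 cover this kernel,
# and is the installed kpatch-patch build at least the one the advisory ships?

# `uname -r` string -> kpatch-patch package name for that kernel:
# the ".el7.<arch>" suffix is dropped and dots become underscores.
kpatch_pkg_for_kernel() (
    base=${1%%.el7*}
    printf 'kpatch-patch-%s\n' "$(printf '%s' "$base" | tr . _)"
)

# Version-release shipped by this advisory for each covered kernel, copied
# from the package list on this page. Exit status 1 means this advisory has
# no live patch for that kernel; it does not mean the kernel is unaffected.
advisory_fixed_vr() {
    case $1 in
        kpatch-patch-3_10_0-1160_81_1) echo 1-3.el7 ;;
        kpatch-patch-3_10_0-1160_83_1) echo 1-2.el7 ;;
        kpatch-patch-3_10_0-1160_88_1) echo 1-1.el7 ;;
        kpatch-patch-3_10_0-1160_90_1) echo 1-1.el7 ;;
        kpatch-patch-3_10_0-1160_92_1) echo 1-1.el7 ;;
        *) return 1 ;;
    esac
}

# $1 = kernel release, $2 = installed kpatch-patch version-release ("" if none).
# Prints one of: not-covered | missing | outdated | patched
check_rhsa_2023_4215() (
    pkg=$(kpatch_pkg_for_kernel "$1")
    fixed=$(advisory_fixed_vr "$pkg") || { echo not-covered; exit 0; }
    [ -n "$2" ] || { echo missing; exit 0; }
    # sort -V approximates RPM version ordering for these simple strings.
    lowest=$(printf '%s\n%s\n' "$fixed" "$2" | sort -V | head -n 1)
    if [ "$lowest" = "$fixed" ]; then echo patched; else echo outdated; fi
)

# Live check on a RHEL 7 host (needs rpm); defined but not called here.
check_this_host() (
    pkg=$(kpatch_pkg_for_kernel "$(uname -r)")
    vr=$(rpm -q --qf '%{VERSION}-%{RELEASE}' "$pkg" 2>/dev/null) || vr=""
    check_rhsa_2023_4215 "$(uname -r)" "$vr"
)

# Constructed sample inputs (kernel release, installed version-release).
check_rhsa_2023_4215 3.10.0-1160.81.1.el7.x86_64 1-2.el7
check_rhsa_2023_4215 3.10.0-1160.81.1.el7.x86_64 1-3.el7
check_rhsa_2023_4215 3.10.0-1160.83.1.el7.ppc64le ""
check_rhsa_2023_4215 3.10.0-1160.76.1.el7.x86_64 ""
```

An installed package does not by itself show that the module is active; `kpatch list` shows the patch modules currently loaded in the running kernel.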
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2150999 - CVE-2022-3564 kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c
Red Hat Enterprise Linux Server 7
SRPM
kpatch-patch-3_10_0-1160_81_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-1160_83_1-1-2.el7.src.rpm
kpatch-patch-3_10_0-1160_88_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_90_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_92_1-1-1.el7.src.rpm
x86_64
kpatch-patch-3_10_0-1160_81_1-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_81_1-debuginfo-1-3.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_83_1-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_83_1-debuginfo-1-2.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_88_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_88_1-debuginfo-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_90_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_90_1-debuginfo-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_92_1-1-1.el7.x86_64.rpm
kpatch-patch-3_10_0-1160_92_1-debuginfo-1-1.el7.x86_64.rpm
Red Hat Enterprise Linux for Power, little endian 7
SRPM
kpatch-patch-3_10_0-1160_81_1-1-3.el7.src.rpm
kpatch-patch-3_10_0-1160_83_1-1-2.el7.src.rpm
kpatch-patch-3_10_0-1160_88_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_90_1-1-1.el7.src.rpm
kpatch-patch-3_10_0-1160_92_1-1-1.el7.src.rpm
ppc64le
kpatch-patch-3_10_0-1160_81_1-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_81_1-debuginfo-1-3.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_83_1-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_83_1-debuginfo-1-2.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_88_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_88_1-debuginfo-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_90_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_90_1-debuginfo-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_92_1-1-1.el7.ppc64le.rpm
kpatch-patch-3_10_0-1160_92_1-debuginfo-1-1.el7.ppc64le.rpm
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.