Headline
RHSA-2022:0823: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-0920: kernel: Use After Free in unix_gc() which could result in a local privilege escalation
- CVE-2021-4028: kernel: use-after-free in RDMA listen()
- CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it
- CVE-2022-0330: kernel: possible privileges escalation due to missing TLB flush
- CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation
- CVE-2022-0847: kernel: improper initialization of the “flags” member of the new pipe_buffer
- CVE-2022-22942: kernel: failing usercopy allows for use-after-free exploitation
Issued:
2022-03-10
Updated:
2022-03-10
RHSA-2022:0823 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kernel security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: improper initialization of the “flags” member of the new pipe_buffer (CVE-2022-0847)
- kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
- kernel: use-after-free in RDMA listen() (CVE-2021-4028)
- kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
- kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)
- kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)
- kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64
Fixes
- BZ - 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
- BZ - 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
- BZ - 2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation
- BZ - 2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush
- BZ - 2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation
- BZ - 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation
- BZ - 2060795 - CVE-2022-0847 kernel: improper initialization of the “flags” member of the new pipe_buffer
CVEs
- CVE-2021-0920
- CVE-2021-4028
- CVE-2021-4083
- CVE-2022-0330
- CVE-2022-0492
- CVE-2022-0847
- CVE-2022-22942
References
- https://access.redhat.com/security/updates/classification/#important
- https://access.redhat.com/security/vulnerabilities/RHSB-2022-002
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1
SRPM
kernel-4.18.0-147.64.1.el8_1.src.rpm
SHA-256: 448d6e64e936c71556b5d95ca79a979fea2fe88b385fe95b8f4a8d9d574416d8
ppc64le
bpftool-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 35737258a66f06627b3924f5bcb0d7518fd30be2a5eb78884df0d10478c3f28d
bpftool-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 4ca925b8a50ad2247cd73ec51308a5869d54cb81ebc0884549821129b585bfd1
kernel-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 89c98e9862b6234b32368035bc0c7bd51785142dc0519411e055e78a6a1f6ab5
kernel-abi-whitelists-4.18.0-147.64.1.el8_1.noarch.rpm
SHA-256: 673ce4eeabb840d333751740b8191db0f35dee218d7e5b72636da439ca2fc79c
kernel-core-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 1a7e1e9f867f9699a7a34ccf8129897ef6cbd50e0c0479a522f4447bad2e69e3
kernel-cross-headers-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 19299e5bddfd1a41d05e86ea9b26f2c4bd287e0df70f9c992e3008c4f78cfaf3
kernel-debug-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 81fd2dec957b0d80ede478e766a5f7329975d2c9058b7e47bd8f1582ddb3b25b
kernel-debug-core-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 75cd47f378d51e0b35e313d581ab1b1197c6eed5d7e48e1818c0b3512dd9c968
kernel-debug-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: d2999be83cbda146650bb80c8ba3d9df7c44fdf3cf1a80b5cc6f7df9cddec3c3
kernel-debug-devel-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 3430e97534ac9e18bfd87cfbb1a76d53fbfb9677e7935dda3330140536c607f9
kernel-debug-modules-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: fc49db4634cfb66c0f245af04dfb063cf16c8681cd989c70f2e3138cb4607a4b
kernel-debug-modules-extra-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 1c41ca09b15194bb9ddc43b58b12b73a8a822402bbb91b966c568c1381bdba93
kernel-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: afa67428502d7fbbc31eacea07dacc9f1f6273592a113aa53f679d7cb9521dda
kernel-debuginfo-common-ppc64le-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 2fbd060ded4cf7256cf6127e527d80dc684fea062a4a59b6d3b042febc8379bc
kernel-devel-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 58ad6792c0c1e605fa0bb2036dc45cf84b0f0b6720d2c31bbda1d72d007ae49d
kernel-doc-4.18.0-147.64.1.el8_1.noarch.rpm
SHA-256: 1a963e71d175939e7dfbcf2e977809fda92cf3dc0c13d3b1977233627a04172b
kernel-headers-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: becce9c66cb9ade6914c7f5ab936d731a4bfc0a14390232638b0baa855f57264
kernel-modules-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 694dc54b70ac8c6f198f918b23ff30e3474f2e0a03c25e594b2ddf6ccab351c0
kernel-modules-extra-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 7c34e416512ad1ac93e8d1216ff5039163b16c3e8eb3f7053d4f71368020a231
kernel-tools-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 1e09d7da323ff7b660e2b5b5d1e4ec505ff4cef509125fb894d54dd237e95a3c
kernel-tools-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 1ecc2f400330cee1eb0403df4de112ae4ae6cffb008430a97e252d64f95e56a4
kernel-tools-libs-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: a1330a11abbc738f61f6922d925cde9fd1a4cb0f71b5d0669699aa1348e0021d
perf-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 404fc0331301d5640ab402fd39fdbc4558209e56a757940b6c219e55054262fc
perf-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: ca82add575c4dee42a92ee43aa829ac57f04d256a92d01c07cb63809af49b19b
python3-perf-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: edbb8d82781a6cbbe10ed4ea661d74b7c7ae8fc7c09eca8ff63e23ed9492c505
python3-perf-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
SHA-256: 9df6a5daac255f83e89585ed7d56ecffda894991412503b038c66c80b337c5ae
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1
SRPM
kernel-4.18.0-147.64.1.el8_1.src.rpm
SHA-256: 448d6e64e936c71556b5d95ca79a979fea2fe88b385fe95b8f4a8d9d574416d8
x86_64
bpftool-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 9a940de05dc0cd88041fb31ee2d67053a3559c1cf8a5804922dab3c1c31a43b4
bpftool-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 24da15b7fe8b291e71e67f372a06f388c6c2257a4f0e65e206e3eb542066d538
kernel-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 0a5956ada75981f5ef6ea45cbfd70a2c2130c19f36a6898be0dd19b02ae92a57
kernel-abi-whitelists-4.18.0-147.64.1.el8_1.noarch.rpm
SHA-256: 673ce4eeabb840d333751740b8191db0f35dee218d7e5b72636da439ca2fc79c
kernel-core-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 9e3f857341d3e7ae75814cd6e9f2004b9655ed3b78a0cf8357c83fafc11b5b2d
kernel-cross-headers-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: bd1f4c8204319cb6f343b39aee4a3d15e5b22762354b30b28558406161716336
kernel-debug-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: cbd0c4738098255c39a05a6c1bf3214ebe8112bd09ee29932fa58479e9ef9936
kernel-debug-core-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: ddf88f6b4d0499e93e12dfa71215afc371c62c0bb0be668d96ea1a59bb512735
kernel-debug-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 057e44e0d5d26813f08e135ad7afb87656ee1c5cfe67dc4f28145b12c7bcd248
kernel-debug-devel-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 732c6ebc9d3a9df721f325391c3cf9c78b30bc7c3bff9e2754bd13a5d2de2610
kernel-debug-modules-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: acfd29662bdda2cfb7e8bd1764b9b1f182415a031665e95ab75339cb7276cd5c
kernel-debug-modules-extra-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: a0b3e8b698d2e2799cf9e07ffddbf6c159377da0d2798ae73020fa84ec309189
kernel-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: c7a1abf89a608017373b009dddb909e137e4cd826ff700fa26653462426da368
kernel-debuginfo-common-x86_64-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 44ac27ec74008277a40e9b66595297aacafffb9666ced5f58fb5013f9e3aff28
kernel-devel-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: d1d614ac372e7e34d78feb5866b34e8cd7d7fbc5f6c1ec5bf2ba06d7e52d38ac
kernel-doc-4.18.0-147.64.1.el8_1.noarch.rpm
SHA-256: 1a963e71d175939e7dfbcf2e977809fda92cf3dc0c13d3b1977233627a04172b
kernel-headers-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 6e669d277f898b61a8e64065a3c0c418e115f2ef65cc2c42c00465b89ce0fa28
kernel-modules-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 40010d68223216d5c09610ccf0cfb1601b92d9ff86b9c47d84d6830c19fae5b7
kernel-modules-extra-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 9f02099c395d04f9356940989b6f1a4c0fbf9e9d44d69d9e6d053e7d82dfe6d4
kernel-tools-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: df92c65473a9d6b3d28b069a21884be8ec66183f38357f7741342381b1484f9a
kernel-tools-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 9593d50b04835a1ed0e57aa19ebab17ea0555d3f3ace6a64614228de7be38088
kernel-tools-libs-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 2ffea218aac1fa21bbb279ec9a246ec7b542a731c7d60e8a54587175be711dc5
perf-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: af84a65bccaf04e9e6fd8c95d082768cf38a582edea31509255f7cda0da1774d
perf-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 51b800c662be63e13eeab5968108b88d187d8b9f2da73c3f8bb79cb7ffee3bc6
python3-perf-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 0ec034ecacd03d0e6ea24c2707720c67123a108b24329c532a445a0f39d8108e
python3-perf-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
SHA-256: 6374af6f7a162189d7ba79623a4855a2f910962910e8e29eeeb815870e0ba201
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.