RHSA-2022:0823: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2021-0920: kernel: Use After Free in unix_gc() which could result in a local privilege escalation
  • CVE-2021-4028: kernel: use-after-free in RDMA listen()
  • CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it
  • CVE-2022-0330: kernel: possible privileges escalation due to missing TLB flush
  • CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation
  • CVE-2022-0847: kernel: improper initialization of the “flags” member of the new pipe_buffer
  • CVE-2022-22942: kernel: failing usercopy allows for use-after-free exploitation
Red Hat Security Data

Issued: 2022-03-10

Updated: 2022-03-10

RHSA-2022:0823 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: improper initialization of the “flags” member of the new pipe_buffer (CVE-2022-0847)
  • kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
  • kernel: use-after-free in RDMA listen() (CVE-2021-4028)
  • kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
  • kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)
  • kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)
  • kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
  • BZ - 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
  • BZ - 2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation
  • BZ - 2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush
  • BZ - 2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation
  • BZ - 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation
  • BZ - 2060795 - CVE-2022-0847 kernel: improper initialization of the “flags” member of the new pipe_buffer

CVEs

  • CVE-2021-0920
  • CVE-2021-4028
  • CVE-2021-4083
  • CVE-2022-0330
  • CVE-2022-0492
  • CVE-2022-0847
  • CVE-2022-22942

References

  • https://access.redhat.com/security/updates/classification/#important
  • https://access.redhat.com/security/vulnerabilities/RHSB-2022-002

Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 8.1

SRPM

  • kernel-4.18.0-147.64.1.el8_1.src.rpm

ppc64le

  • bpftool-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • bpftool-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-abi-whitelists-4.18.0-147.64.1.el8_1.noarch.rpm
  • kernel-core-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-cross-headers-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-debug-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-debug-core-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-debug-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-debug-devel-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-debug-modules-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-debug-modules-extra-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-debuginfo-common-ppc64le-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-devel-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-doc-4.18.0-147.64.1.el8_1.noarch.rpm
  • kernel-headers-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-modules-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-modules-extra-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-tools-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-tools-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • kernel-tools-libs-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • perf-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • perf-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • python3-perf-4.18.0-147.64.1.el8_1.ppc64le.rpm
  • python3-perf-debuginfo-4.18.0-147.64.1.el8_1.ppc64le.rpm

Red Hat Enterprise Linux Server - Update Services for SAP Solutions 8.1

SRPM

  • kernel-4.18.0-147.64.1.el8_1.src.rpm

x86_64

  • bpftool-4.18.0-147.64.1.el8_1.x86_64.rpm
  • bpftool-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-abi-whitelists-4.18.0-147.64.1.el8_1.noarch.rpm
  • kernel-core-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-cross-headers-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-debug-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-debug-core-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-debug-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-debug-devel-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-debug-modules-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-debug-modules-extra-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-debuginfo-common-x86_64-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-devel-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-doc-4.18.0-147.64.1.el8_1.noarch.rpm
  • kernel-headers-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-modules-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-modules-extra-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-tools-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-tools-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
  • kernel-tools-libs-4.18.0-147.64.1.el8_1.x86_64.rpm
  • perf-4.18.0-147.64.1.el8_1.x86_64.rpm
  • perf-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm
  • python3-perf-4.18.0-147.64.1.el8_1.x86_64.rpm
  • python3-perf-debuginfo-4.18.0-147.64.1.el8_1.x86_64.rpm

Red Hat security contact details are available at https://access.redhat.com/security/team/contact/.
