RHSA-2023:1660: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-0266: A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel. In this flaw, a local attacker with normal user privileges may impact the system due to a locking issue in the compat path, leading to a kernel information leak.
  • CVE-2023-0386: A flaw was found in the Linux kernel's OverlayFS subsystem that allows unauthorized execution of a setuid file with capabilities, arising from how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.
Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266)
  • kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2159505 - CVE-2023-0386 kernel: FUSE filesystem low-privileged user privileges escalation
  • BZ - 2163379 - CVE-2023-0266 ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF

Related news

Linux OverlayFS Local Privilege Escalation

This Metasploit module exploit targets the Linux kernel bug in OverlayFS. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

CVE-2023-1476

A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system.

GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users

Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% of Ubuntu users. "The impacted Ubuntu versions are prevalent in the cloud as they serve as the default

Apple's iOS 16.5 Fixes 3 Security Bugs Already Used in Attacks

Plus: Microsoft patches two zero-day flaws, Google’s Android and Chrome get some much-needed updates, and more.

CVE-2023-23694: DSA-2023-071: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities – 7.0.450

Dell VxRail versions earlier than 7.0.450, contain(s) an OS command injection vulnerability in VxRail Manager. A local authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

Ubuntu Security Notice USN-6071-1

Ubuntu Security Notice 6071-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

RHSA-2023:2104: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.5.8 security updates and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.5.8 General Availability release images, which fix bugs and security updates container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-25881: A flaw was found in http-cache-semantics. When the server reads the cache policy from the request using this library, a Regular Expression Denial of Service occurs, caused by malicious request header values sent to the server.

Red Hat Security Advisory 2023-2083-01

Red Hat Security Advisory 2023-2083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.5 General Availability release images, which fix bugs and security updates container images. Issues addressed include denial of service and server-side request forgery vulnerabilities.

Ubuntu Security Notice USN-6043-1

Ubuntu Security Notice 6043-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

RHSA-2023:1953: Red Hat Security Advisory: Logging Subsystem 5.6.5 - Red Hat OpenShift security update

Logging Subsystem 5.6.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-27539: A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service. * CVE-2023-28120: A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrus...

Ubuntu Security Notice USN-6040-1

Ubuntu Security Notice 6040-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

Red Hat Security Advisory 2023-1980-01

Red Hat Security Advisory 2023-1980-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Red Hat Security Advisory 2023-1984-01

Red Hat Security Advisory 2023-1984-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

RHSA-2023:1980: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on t...

Ubuntu Security Notice USN-6030-1

Ubuntu Security Notice 6030-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6025-1

Ubuntu Security Notice 6025-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

RHSA-2023:1703: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

RHSA-2023:1691: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

RHSA-2023:1681: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

RHSA-2023:1677: Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update batch#5 (oVirt-4.5.3-5)

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2022-23521: A flaw was found in Git, a distributed revision control system. When parsing gitattributes, a mechanism to allow defining attributes for paths, multiple integer overflows can occur when there is a huge number of path patterns, attributes for a single pattern, ...

Red Hat Security Advisory 2023-1660-01

Red Hat Security Advisory 2023-1660-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Red Hat Security Advisory 2023-1659-01

Red Hat Security Advisory 2023-1659-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

RHSA-2023:1659: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2022-4378: A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system.
* CVE-2023-0266: A use-after-free flaw was found in snd_ctl_elem_read in sound/core/control.c in Advanced Linux So...

Red Hat Security Advisory 2023-1557-01

Red Hat Security Advisory 2023-1557-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-1584-01

Red Hat Security Advisory 2023-1584-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Red Hat Security Advisory 2023-1554-01

Red Hat Security Advisory 2023-1554-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

RHSA-2023:1566: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2022-4269: A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of se...

RHSA-2023:1588: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2023-0266: A use-after-free flaw was found in the ALSA subsystem in sound/core/control.c in the Linux kernel. This flaw allows a local attacker to cause a use-after-free issue.

RHSA-2023:1584: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2022-4269: A flaw was found in the Linux kernel Traffic Control (TC) subsystem. Using a specific networking configuration (redirecting egress packets to ingress using TC action "mirred") a local unprivileged user could trigger a CPU soft lockup (ABBA deadlock) when the transport protocol in use (TCP or SCTP) does a retransmission, resulting in a denial of...

RHSA-2023:1557: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2023-0266: A use-after-free flaw was found in the ALSA subsystem in sound/core/control.c in the Linux kernel. This flaw allows a local attacker to cause a use-after-free issue.
* CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) o...

RHSA-2023:1554: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2023-0266: A use-after-free flaw was found in the ALSA subsystem in sound/core/control.c in the Linux kernel. This flaw allows a local attacker to cause a use-after-free issue.
* CVE-2023-0386: A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux...

Ubuntu Security Notice USN-5991-1

Ubuntu Security Notice 5991-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5987-1

Ubuntu Security Notice 5987-1 - It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices

A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google's Threat Analysis Group (TAG) has revealed. The two distinct campaigns were both limited and highly targeted, taking advantage of the patch gap between the release of a fix and when it was actually deployed on the targeted devices. "These

RHSA-2023:1471: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2022-4744: A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the register_netdevice function fails (NETDEV_REGISTER notifier). This flaw allows a local user to crash or potentially escalate their privileges on the system.
* CVE-2023-0266: A use-after-free flaw was found in the...

RHSA-2023:1435: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2022-3564: A use-after-free flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user triggers a race condition by two malicious flows in the L2CAP bluetooth packets. This flaw allows a local or bluetooth connection user to crash the system or potentially escalate privileges.
* CVE-2022-4378: A stack ove...

CVE-2023-0386

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalate their privileges on the system.

Ubuntu Security Notice USN-5934-1

Ubuntu Security Notice 5934-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the NVMe driver in the Linux kernel did not properly handle reset events in some situations. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-5924-1

Ubuntu Security Notice 5924-1 - It was discovered that the Upper Level Protocol subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service.