Headline
RHSA-2022:5216: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-1966: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
Issued:
2022-06-28
Updated:
2022-06-28
RHSA-2022:5216 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-1966)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2092427 - CVE-2022-1966 kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
Red Hat Enterprise Linux Server 7
SRPM
kpatch-patch-3_10_0-1160_36_2-1-8.el7.src.rpm
SHA-256: b109e8622cd30beaa5029d1b39104af59cb3f36fdc6d734eb0a448654d712e87
kpatch-patch-3_10_0-1160_41_1-1-7.el7.src.rpm
SHA-256: ecbf008d9f4c4d341299e86feb81bb39d3da168fffc758c648f0157536e8b618
kpatch-patch-3_10_0-1160_42_2-1-6.el7.src.rpm
SHA-256: c41e20b7d06fb87ba45eb12d579699f88d924888e042b86fae895ac47d96f671
kpatch-patch-3_10_0-1160_45_1-1-5.el7.src.rpm
SHA-256: deadcc7755b27c317def05be23d92c2868aa92202ea2f872ff3323998c833ec5
kpatch-patch-3_10_0-1160_49_1-1-4.el7.src.rpm
SHA-256: bd718bf22f2382c1d1656aacbb455f4ffb98b6596eca5daf5e15a85ae67b5ce3
kpatch-patch-3_10_0-1160_53_1-1-4.el7.src.rpm
SHA-256: 690e96b6ebf5d2686827658375907504b1836da9e18d6218078bc58598e80960
kpatch-patch-3_10_0-1160_59_1-1-3.el7.src.rpm
SHA-256: 0ebf227513206e86f0f239fc3569117b12dabffac9c236576fb4314fbf032948
kpatch-patch-3_10_0-1160_62_1-1-2.el7.src.rpm
SHA-256: e0cb5a231984523415972934baf64337b702061816ebcf1ae2f9f64b19863e9c
kpatch-patch-3_10_0-1160_66_1-1-1.el7.src.rpm
SHA-256: 4e336303a7b6c084ea2c051f916ff696d1e2a9e548d02db7822bd0db9fbadf9d
x86_64
kpatch-patch-3_10_0-1160_36_2-1-8.el7.x86_64.rpm
SHA-256: e4b5a54bea6e860f254acd3a738f80cde695bf50653c85c20cff1533de3e464c
kpatch-patch-3_10_0-1160_36_2-debuginfo-1-8.el7.x86_64.rpm
SHA-256: 55ce926fbac86a23240b303d154204953a375f4db81ab438d887df06fc2de6d3
kpatch-patch-3_10_0-1160_41_1-1-7.el7.x86_64.rpm
SHA-256: b097a490c9fe937907073b94e4bc2875dcd46ced383c6f838207c3270879113f
kpatch-patch-3_10_0-1160_41_1-debuginfo-1-7.el7.x86_64.rpm
SHA-256: 83633f872d44f231812d8414683e8ccb994c86a4b1a437aa2f245bbe41ff3970
kpatch-patch-3_10_0-1160_42_2-1-6.el7.x86_64.rpm
SHA-256: 406a817ed41c0ad3dcc5c74542cad7ea2f0c0788eca3ae3918cb3a646216bcda
kpatch-patch-3_10_0-1160_42_2-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 686cb5ee654c7e78f0aec2eb34e326f50451d637f80c9cd4a9d5f309b6c73f91
kpatch-patch-3_10_0-1160_45_1-1-5.el7.x86_64.rpm
SHA-256: 0cee381d0351680d46bcbb01a8066afa5fb99834bc41f5c4bd6924e7d0392f0f
kpatch-patch-3_10_0-1160_45_1-debuginfo-1-5.el7.x86_64.rpm
SHA-256: da195621735156391d0183e4d80d8bc5f3e0b51ca7d2262f804487d99e0bc38f
kpatch-patch-3_10_0-1160_49_1-1-4.el7.x86_64.rpm
SHA-256: d342a61cad7e1d95c897792318c35fb6cebc8e2ff2c227d297637af6afc90fde
kpatch-patch-3_10_0-1160_49_1-debuginfo-1-4.el7.x86_64.rpm
SHA-256: 32f378b614e9e97b724b12ba1004d0d81153b6f83a36eaf2a06686d5f63ad7b5
kpatch-patch-3_10_0-1160_53_1-1-4.el7.x86_64.rpm
SHA-256: 89ac91d197cdf0ad61a90585d25abe56812519d0b2fbfae8c8e00abb460c311e
kpatch-patch-3_10_0-1160_53_1-debuginfo-1-4.el7.x86_64.rpm
SHA-256: d293e50096248c70885c796326c975cfc6f4a742790f9e89fb9bbbd659b34e8b
kpatch-patch-3_10_0-1160_59_1-1-3.el7.x86_64.rpm
SHA-256: 996bd8f665ca520535db9ac228f35145b8d8948c2b467b0da801b0522ba99112
kpatch-patch-3_10_0-1160_59_1-debuginfo-1-3.el7.x86_64.rpm
SHA-256: 113178d479a3e3f9696ba0c6d9a90fe7a1eabe7744cd56ad80070948ab39315d
kpatch-patch-3_10_0-1160_62_1-1-2.el7.x86_64.rpm
SHA-256: fe6f468c1fa2e4bdb683a93b4f30182a726da9ef00c52223336cd590a1b83b67
kpatch-patch-3_10_0-1160_62_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 613ed9303e73bfed0b21e6b72c6e38d1d5fed91e6f420c4431a97556de43810f
kpatch-patch-3_10_0-1160_66_1-1-1.el7.x86_64.rpm
SHA-256: 4b12e88e4c07b76a7936dcde7fa7a7a09cbfb28692141e2f2d75dcd15d7135c3
kpatch-patch-3_10_0-1160_66_1-debuginfo-1-1.el7.x86_64.rpm
SHA-256: efca02114231c2fd42d49133208be806c5dd2f6128bed428686515ba5a622b07
Red Hat Enterprise Linux for Power, little endian 7
SRPM
kpatch-patch-3_10_0-1160_36_2-1-8.el7.src.rpm
SHA-256: b109e8622cd30beaa5029d1b39104af59cb3f36fdc6d734eb0a448654d712e87
kpatch-patch-3_10_0-1160_41_1-1-7.el7.src.rpm
SHA-256: ecbf008d9f4c4d341299e86feb81bb39d3da168fffc758c648f0157536e8b618
kpatch-patch-3_10_0-1160_42_2-1-6.el7.src.rpm
SHA-256: c41e20b7d06fb87ba45eb12d579699f88d924888e042b86fae895ac47d96f671
kpatch-patch-3_10_0-1160_45_1-1-5.el7.src.rpm
SHA-256: deadcc7755b27c317def05be23d92c2868aa92202ea2f872ff3323998c833ec5
kpatch-patch-3_10_0-1160_49_1-1-4.el7.src.rpm
SHA-256: bd718bf22f2382c1d1656aacbb455f4ffb98b6596eca5daf5e15a85ae67b5ce3
kpatch-patch-3_10_0-1160_53_1-1-4.el7.src.rpm
SHA-256: 690e96b6ebf5d2686827658375907504b1836da9e18d6218078bc58598e80960
kpatch-patch-3_10_0-1160_59_1-1-3.el7.src.rpm
SHA-256: 0ebf227513206e86f0f239fc3569117b12dabffac9c236576fb4314fbf032948
kpatch-patch-3_10_0-1160_62_1-1-2.el7.src.rpm
SHA-256: e0cb5a231984523415972934baf64337b702061816ebcf1ae2f9f64b19863e9c
kpatch-patch-3_10_0-1160_66_1-1-1.el7.src.rpm
SHA-256: 4e336303a7b6c084ea2c051f916ff696d1e2a9e548d02db7822bd0db9fbadf9d
ppc64le
kpatch-patch-3_10_0-1160_36_2-1-8.el7.ppc64le.rpm
SHA-256: 3ec893262efe4592ec486f040cbdade1e63b765ee3760fa057c8abea0637ed14
kpatch-patch-3_10_0-1160_36_2-debuginfo-1-8.el7.ppc64le.rpm
SHA-256: 77483c05cd181c79b2eadf045e8316eb7ed189b25717f904da559970e41b4aec
kpatch-patch-3_10_0-1160_41_1-1-7.el7.ppc64le.rpm
SHA-256: be305d78c48bb7b988c09a290467d8b505f72805e0df6b80143ffe629d7bca0a
kpatch-patch-3_10_0-1160_41_1-debuginfo-1-7.el7.ppc64le.rpm
SHA-256: 2f5cc1e3183650005ca0d2e4345c0961ef2cd63a7e0a3a415352fbcb8b95013c
kpatch-patch-3_10_0-1160_42_2-1-6.el7.ppc64le.rpm
SHA-256: f1091fe02cb1893111042ea1a85d8fe1a9bea00c8bded41bd65fb71a990a4fef
kpatch-patch-3_10_0-1160_42_2-debuginfo-1-6.el7.ppc64le.rpm
SHA-256: a00a2e44f9f5b65537769055c26094d5ed22f35af0991f7f05f426264994cd06
kpatch-patch-3_10_0-1160_45_1-1-5.el7.ppc64le.rpm
SHA-256: b2313abfb35466d44d621a2a54c271a39a54179ecd03ba447d4c87f284a564b7
kpatch-patch-3_10_0-1160_45_1-debuginfo-1-5.el7.ppc64le.rpm
SHA-256: e6da3dd533e2df1cebb0df1cc65df06facda9ad878cc45f5c7726fca9aa591fc
kpatch-patch-3_10_0-1160_49_1-1-4.el7.ppc64le.rpm
SHA-256: 94053429e426b388d7ba20041513f2fb2ae0052cb22ae39e3e2804b669836459
kpatch-patch-3_10_0-1160_49_1-debuginfo-1-4.el7.ppc64le.rpm
SHA-256: 9a255896865655baecc2c19f19b27136be917b4f9673eae6c4115ae42bd5d139
kpatch-patch-3_10_0-1160_53_1-1-4.el7.ppc64le.rpm
SHA-256: 798c826c30bff58b88c04ebd317ffd67e85cacc3059f63aa226d7bf615c377a5
kpatch-patch-3_10_0-1160_53_1-debuginfo-1-4.el7.ppc64le.rpm
SHA-256: 9799f2fe85cddb08adc953c7ecdac726edbf69bc1aa06c8133c836a6ec171f9b
kpatch-patch-3_10_0-1160_59_1-1-3.el7.ppc64le.rpm
SHA-256: fce67e135feecaececa0165b7aafe1e3bf3c4c9287b03a0d32e6093f139a1429
kpatch-patch-3_10_0-1160_59_1-debuginfo-1-3.el7.ppc64le.rpm
SHA-256: 181dba746ff5d2daf86f7194a15ca7e2dcc9e08777e695596ae60cab5cac70c4
kpatch-patch-3_10_0-1160_62_1-1-2.el7.ppc64le.rpm
SHA-256: 7d78c15760d479e404b6465b2fc09d6ea4d892f79fa74c4aac1091ffb20984ff
kpatch-patch-3_10_0-1160_62_1-debuginfo-1-2.el7.ppc64le.rpm
SHA-256: 6bd22390b6e14677abb8fb7469d8e86cefcbc7f35dd4bb73fe8246138db30a7f
kpatch-patch-3_10_0-1160_66_1-1-1.el7.ppc64le.rpm
SHA-256: 76fd3055c86e6cbfaa354d0b694abf1a36db4bc94d14be067abaee6621f54d50
kpatch-patch-3_10_0-1160_66_1-debuginfo-1-1.el7.ppc64le.rpm
SHA-256: ea2bcb8bbb0184faf506100bc837cc95ffcb1c1b7c69947c922e0fa7b7c552c5
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. It was discovered that the implementation of POSIX timers in the Linux kernel did not properly clean up timers in some situations. Various other vulnerabilities were also discovered.
Red Hat Security Advisory 2022-5249-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, information leakage, privilege escalation, and use-after-free vulnerabilities.
An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1966: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root * CVE-2022-27666: kernel: buffer overflow in IPsec ESP transformation code
Red Hat Security Advisory 2022-5216-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5224-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, information leakage, privilege escalation, and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1729: kernel: race condition in perf_event_open leads to privilege escalation * CVE-2022-1966: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-29368: kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check * CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak * CVE-2022-1729: kernel: race condition in perf_event_open leads to p...
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. Ziming Zhang discovered that the netfilter subsystem in the Linux kernel did not properly validate sets with multiple ranged fields. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5471-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5470-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5468-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5467-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5465-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
A use-after-free vulnerability was found in the Linux kernel's Netfilter subsystem in net/netfilter/nf_tables_api.c. This flaw allows a local attacker with user access to cause a privilege escalation issue.