RHSA-2023:0058: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Red Hat Security Data

Issued:

2023-01-10

Updated:

2023-01-10

RHSA-2023:0058 - Security Advisory

Synopsis

Important: kernel security update

Type/Severity

Security Advisory: Important

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2084479 - CVE-2022-2639 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM

kernel-4.18.0-147.78.1.el8_1.src.rpm

ppc64le

bpftool-4.18.0-147.78.1.el8_1.ppc64le.rpm

bpftool-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-abi-whitelists-4.18.0-147.78.1.el8_1.noarch.rpm

kernel-core-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-cross-headers-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-debug-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-debug-core-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-debug-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-debug-devel-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-debug-modules-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-debug-modules-extra-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-debuginfo-common-ppc64le-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-devel-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-doc-4.18.0-147.78.1.el8_1.noarch.rpm

kernel-headers-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-modules-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-modules-extra-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-tools-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-tools-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm

kernel-tools-libs-4.18.0-147.78.1.el8_1.ppc64le.rpm

perf-4.18.0-147.78.1.el8_1.ppc64le.rpm

perf-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm

python3-perf-4.18.0-147.78.1.el8_1.ppc64le.rpm

python3-perf-debuginfo-4.18.0-147.78.1.el8_1.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM

kernel-4.18.0-147.78.1.el8_1.src.rpm

x86_64

bpftool-4.18.0-147.78.1.el8_1.x86_64.rpm

bpftool-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-abi-whitelists-4.18.0-147.78.1.el8_1.noarch.rpm

kernel-core-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-cross-headers-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-debug-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-debug-core-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-debug-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-debug-devel-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-debug-modules-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-debug-modules-extra-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-debuginfo-common-x86_64-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-devel-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-doc-4.18.0-147.78.1.el8_1.noarch.rpm

kernel-headers-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-modules-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-modules-extra-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-tools-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-tools-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm

kernel-tools-libs-4.18.0-147.78.1.el8_1.x86_64.rpm

perf-4.18.0-147.78.1.el8_1.x86_64.rpm

perf-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm

python3-perf-4.18.0-147.78.1.el8_1.x86_64.rpm

python3-perf-debuginfo-4.18.0-147.78.1.el8_1.x86_64.rpm

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

CVE-2022-46756: DSA-2022-335: Dell VxRail Security Update for Multiple Third-Party Component Vulnerabilities

Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.

RHSA-2022:8973: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-21123: hw: cpu: incomplete clean-up of multi-co...

Red Hat Security Advisory 2022-8889-01

Red Hat Security Advisory 2022-8889-01 - This is an Openshift Logging bug fix release. Issues addressed include a denial of service vulnerability.

RHSA-2022:8889: Red Hat Security Advisory: Openshift Logging 5.3.14 bug fix release and security update

Openshift Logging Bug Fix Release (5.3.14) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS * CVE-2022-42004: jackson-databind: use of deeply nested arrays

Red Hat Security Advisory 2022-8781-01

Red Hat Security Advisory 2022-8781-01 - Logging Subsystem for Red Hat OpenShift has a security update. Issues addressed include a denial of service vulnerability.

RHSA-2022:8781: Red Hat Security Advisory: Logging Subsystem 5.5.5 - Red Hat OpenShift security update

Logging Subsystem 5.5.5 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-2879: golang: archive/tar: unbounded memory consumption when reading headers * CVE-2022-2880: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * CVE-2022-27664: golang: net/http: handle server errors after sending GOAWAY * CVE-2022-32189: golang: math/b...

Red Hat Security Advisory 2022-7933-01

Red Hat Security Advisory 2022-7933-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, denial of service, double free, information leakage, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.

RHSA-2022:8267: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2022-0168: kernel: smb2_ioctl_query_info NULL pointer dereference * CVE-2022-0617: kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback * CVE-2022-0854: ...

RHSA-2022:7933: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2022-0168: kernel: smb2_ioctl_query_info NULL pointer dereference * CVE-2022-0617: kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback * CVE-2022-085...

RHSA-2022:7683: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2020-36558: kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2021-30002: kernel: memory leak for large arguments...

RHSA-2022:7444: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2020-36558: kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2021-30002: kernel: memory leak for large argume...