RHSA-2023:0058: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Issued:
2023-01-10
Updated:
2023-01-10
Synopsis
Important: kernel security update
Type/Severity
Security Advisory: Important
Topic
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
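Because the update only takes effect after a reboot, a host can have the fixed package installed while still running the old kernel. The following check is an added example, not part of the Red Hat advisory: it compares the booted kernel and the installed kernels against the fixed build 4.18.0-147.78.1 named in the package list. The function names `kernel_status` and `assess`, the sample release `4.18.0-147.77.1`, and the use of the `4.18.0-147` base to scope the check to this stream are assumptions; `sort -V` stands in for RPM version ordering.

```shell
#!/bin/sh
# Fixed build, from the package names listed in this advisory.
FIXED="4.18.0-147.78.1"
# Assumption: every kernel of this RHEL 8.1 stream has the 4.18.0-147 base.
BASE="4.18.0-147"

# kernel_status RELEASE: prints fixed, vulnerable or out-of-scope.
kernel_status() {
    rel=$1
    case $rel in
        "$BASE".*) ;;                       # same stream as this advisory
        *) echo out-of-scope; return 0 ;;   # not the stream checked here
    esac
    ver=${rel%%.el8*}                       # drop dist tag and architecture
    lowest=$(printf '%s\n%s\n' "$FIXED" "$ver" | sort -V | head -n 1)
    if [ "$lowest" = "$FIXED" ]; then echo fixed; else echo vulnerable; fi
}

# assess RUNNING INSTALLED...: compares the booted kernel with installed ones.
assess() {
    running=$1; shift
    case $(kernel_status "$running") in
        fixed)        echo patched; return 0 ;;
        out-of-scope) echo out-of-scope; return 0 ;;
    esac
    for k in "$@"; do
        if [ "$(kernel_status "$k")" = fixed ]; then
            echo reboot-required; return 0
        fi
    done
    echo update-required
}

# Constructed sample: fixed build installed, older build still booted.
assess "4.18.0-147.77.1.el8_1.x86_64" \
       "4.18.0-147.77.1.el8_1.x86_64" "4.18.0-147.78.1.el8_1.x86_64"

# On a live host:
#   assess "$(uname -r)" $(rpm -q kernel-core --qf '%{VERSION}-%{RELEASE}.%{ARCH}\n')
```

A result of `reboot-required` means the fixed package is on disk but the running kernel is still the older build.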
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Fixes
- BZ - 2084479 - CVE-2022-2639 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1
SRPM
kernel-4.18.0-147.78.1.el8_1.src.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1
SRPM
kernel-4.18.0-147.78.1.el8_1.src.rpm
Red Hat security contact details are available at https://access.redhat.com/security/team/contact/.