Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:4531: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42896: A use-after-free flaw was found in the Linux kernel’s implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Bluetooth if within proximity of the victim.
  • CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation.
  • CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privilege escalation.
Red Hat Security Data
#vulnerability#linux#red_hat#perl#rpm#sap

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)
  • kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281)
  • kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter (CVE-2023-1829)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2147364 - CVE-2022-42896 kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c
  • BZ - 2181847 - CVE-2023-1281 kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation
  • BZ - 2188470 - CVE-2023-1829 kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter

Red Hat Enterprise Linux for x86_64 8

SRPM

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm

SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm

SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm

SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a

x86_64

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.x86_64.rpm

SHA-256: dbc7e1bf1d7edfde845533b4b993bc49e74d925e4e9cf7e623830870f5ea7a4e

kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.x86_64.rpm

SHA-256: 99341f18c0d1dabebdb3ffe91ae5c07aa38a49230b41527f33c5d624505acf12

kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.x86_64.rpm

SHA-256: 9d8bc95d5e0521ff05bd2c8df10fe5a6212fa90c1b644e63640d2099484bfa55

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.x86_64.rpm

SHA-256: c36375a083eb5a979f47e8ab15729d8114c0f76047e03bd59531394f665f4fee

kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.x86_64.rpm

SHA-256: 4deed2c35609c2cc4d4c2bdc34a533931fb7fbc417df419b93be1824f680b2a2

kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.x86_64.rpm

SHA-256: 1fb2e04dba39c629ee9af9b55bd6c00d371b4399898e32a812099b2ea699200a

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.x86_64.rpm

SHA-256: daddda541bab3d191f011fcacf577582cd8113caab1e895b784ad4b07de844cb

kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.x86_64.rpm

SHA-256: d3f032a174bd2e3f364c1027b1b7bb4b96d6591160e12b70cd44a8fd48920d02

kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.x86_64.rpm

SHA-256: 59924fd6142ae452108cfc3faafcadfdb8fc862edd0c8979e157a841ca38dc47

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm

SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm

SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm

SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a

x86_64

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.x86_64.rpm

SHA-256: dbc7e1bf1d7edfde845533b4b993bc49e74d925e4e9cf7e623830870f5ea7a4e

kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.x86_64.rpm

SHA-256: 99341f18c0d1dabebdb3ffe91ae5c07aa38a49230b41527f33c5d624505acf12

kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.x86_64.rpm

SHA-256: 9d8bc95d5e0521ff05bd2c8df10fe5a6212fa90c1b644e63640d2099484bfa55

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.x86_64.rpm

SHA-256: c36375a083eb5a979f47e8ab15729d8114c0f76047e03bd59531394f665f4fee

kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.x86_64.rpm

SHA-256: 4deed2c35609c2cc4d4c2bdc34a533931fb7fbc417df419b93be1824f680b2a2

kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.x86_64.rpm

SHA-256: 1fb2e04dba39c629ee9af9b55bd6c00d371b4399898e32a812099b2ea699200a

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.x86_64.rpm

SHA-256: daddda541bab3d191f011fcacf577582cd8113caab1e895b784ad4b07de844cb

kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.x86_64.rpm

SHA-256: d3f032a174bd2e3f364c1027b1b7bb4b96d6591160e12b70cd44a8fd48920d02

kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.x86_64.rpm

SHA-256: 59924fd6142ae452108cfc3faafcadfdb8fc862edd0c8979e157a841ca38dc47

Red Hat Enterprise Linux for Power, little endian 8

SRPM

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm

SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm

SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm

SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a

ppc64le

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.ppc64le.rpm

SHA-256: 1b0260a357c5fa91e11f28e656d764d839873d55ba05670d41bb924ffc527e01

kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.ppc64le.rpm

SHA-256: 36e679f58124d6a9c687a5777cbc8dbbfe65b68ef0ee26f55e2dd2e7f61164ab

kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.ppc64le.rpm

SHA-256: 3a60fa3b8ef261dfe438cb4708c2bf60d4de7f8ed92753ffa3c9277758e9c4ee

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.ppc64le.rpm

SHA-256: c9618340d70cec102df050de2ea04eb70a112111ff1b8a4d11de287d05c8b636

kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.ppc64le.rpm

SHA-256: aeca14eae47d11be53516a6df450b40611e07a910d0174fd46278cc5dae55f0e

kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.ppc64le.rpm

SHA-256: d1d3891ea54c25902c37a8b0ec4f59fed04ae6fcb059c84d99c38681fa85bfb2

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.ppc64le.rpm

SHA-256: 113f72d3cd9fcf1c23007dc8bc68e17aca8b53c09c2b9e2252a2139ca8a43d22

kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.ppc64le.rpm

SHA-256: 4bb9fadb041096f7ae37597c12892b3fd2afe14d1bab3015f5cbcba4f7216493

kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.ppc64le.rpm

SHA-256: 26fce6d96d090fb6d902fa3c22a7ba2896fba101f6fa70eecdf9835bf8554b73

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm

SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm

SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm

SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a

ppc64le

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.ppc64le.rpm

SHA-256: 1b0260a357c5fa91e11f28e656d764d839873d55ba05670d41bb924ffc527e01

kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.ppc64le.rpm

SHA-256: 36e679f58124d6a9c687a5777cbc8dbbfe65b68ef0ee26f55e2dd2e7f61164ab

kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.ppc64le.rpm

SHA-256: 3a60fa3b8ef261dfe438cb4708c2bf60d4de7f8ed92753ffa3c9277758e9c4ee

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.ppc64le.rpm

SHA-256: c9618340d70cec102df050de2ea04eb70a112111ff1b8a4d11de287d05c8b636

kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.ppc64le.rpm

SHA-256: aeca14eae47d11be53516a6df450b40611e07a910d0174fd46278cc5dae55f0e

kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.ppc64le.rpm

SHA-256: d1d3891ea54c25902c37a8b0ec4f59fed04ae6fcb059c84d99c38681fa85bfb2

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.ppc64le.rpm

SHA-256: 113f72d3cd9fcf1c23007dc8bc68e17aca8b53c09c2b9e2252a2139ca8a43d22

kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.ppc64le.rpm

SHA-256: 4bb9fadb041096f7ae37597c12892b3fd2afe14d1bab3015f5cbcba4f7216493

kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.ppc64le.rpm

SHA-256: 26fce6d96d090fb6d902fa3c22a7ba2896fba101f6fa70eecdf9835bf8554b73

Red Hat Enterprise Linux Server - TUS 8.8

SRPM

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm

SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm

SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm

SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a

x86_64

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.x86_64.rpm

SHA-256: dbc7e1bf1d7edfde845533b4b993bc49e74d925e4e9cf7e623830870f5ea7a4e

kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.x86_64.rpm

SHA-256: 99341f18c0d1dabebdb3ffe91ae5c07aa38a49230b41527f33c5d624505acf12

kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.x86_64.rpm

SHA-256: 9d8bc95d5e0521ff05bd2c8df10fe5a6212fa90c1b644e63640d2099484bfa55

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.x86_64.rpm

SHA-256: c36375a083eb5a979f47e8ab15729d8114c0f76047e03bd59531394f665f4fee

kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.x86_64.rpm

SHA-256: 4deed2c35609c2cc4d4c2bdc34a533931fb7fbc417df419b93be1824f680b2a2

kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.x86_64.rpm

SHA-256: 1fb2e04dba39c629ee9af9b55bd6c00d371b4399898e32a812099b2ea699200a

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.x86_64.rpm

SHA-256: daddda541bab3d191f011fcacf577582cd8113caab1e895b784ad4b07de844cb

kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.x86_64.rpm

SHA-256: d3f032a174bd2e3f364c1027b1b7bb4b96d6591160e12b70cd44a8fd48920d02

kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.x86_64.rpm

SHA-256: 59924fd6142ae452108cfc3faafcadfdb8fc862edd0c8979e157a841ca38dc47

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm

SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm

SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm

SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a

ppc64le

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.ppc64le.rpm

SHA-256: 1b0260a357c5fa91e11f28e656d764d839873d55ba05670d41bb924ffc527e01

kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.ppc64le.rpm

SHA-256: 36e679f58124d6a9c687a5777cbc8dbbfe65b68ef0ee26f55e2dd2e7f61164ab

kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.ppc64le.rpm

SHA-256: 3a60fa3b8ef261dfe438cb4708c2bf60d4de7f8ed92753ffa3c9277758e9c4ee

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.ppc64le.rpm

SHA-256: c9618340d70cec102df050de2ea04eb70a112111ff1b8a4d11de287d05c8b636

kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.ppc64le.rpm

SHA-256: aeca14eae47d11be53516a6df450b40611e07a910d0174fd46278cc5dae55f0e

kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.ppc64le.rpm

SHA-256: d1d3891ea54c25902c37a8b0ec4f59fed04ae6fcb059c84d99c38681fa85bfb2

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.ppc64le.rpm

SHA-256: 113f72d3cd9fcf1c23007dc8bc68e17aca8b53c09c2b9e2252a2139ca8a43d22

kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.ppc64le.rpm

SHA-256: 4bb9fadb041096f7ae37597c12892b3fd2afe14d1bab3015f5cbcba4f7216493

kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.ppc64le.rpm

SHA-256: 26fce6d96d090fb6d902fa3c22a7ba2896fba101f6fa70eecdf9835bf8554b73

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm

SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm

SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm

SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a

x86_64

kpatch-patch-4_18_0-477_10_1-1-2.el8_8.x86_64.rpm

SHA-256: dbc7e1bf1d7edfde845533b4b993bc49e74d925e4e9cf7e623830870f5ea7a4e

kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.x86_64.rpm

SHA-256: 99341f18c0d1dabebdb3ffe91ae5c07aa38a49230b41527f33c5d624505acf12

kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.x86_64.rpm

SHA-256: 9d8bc95d5e0521ff05bd2c8df10fe5a6212fa90c1b644e63640d2099484bfa55

kpatch-patch-4_18_0-477_13_1-1-1.el8_8.x86_64.rpm

SHA-256: c36375a083eb5a979f47e8ab15729d8114c0f76047e03bd59531394f665f4fee

kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.x86_64.rpm

SHA-256: 4deed2c35609c2cc4d4c2bdc34a533931fb7fbc417df419b93be1824f680b2a2

kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.x86_64.rpm

SHA-256: 1fb2e04dba39c629ee9af9b55bd6c00d371b4399898e32a812099b2ea699200a

kpatch-patch-4_18_0-477_15_1-1-1.el8_8.x86_64.rpm

SHA-256: daddda541bab3d191f011fcacf577582cd8113caab1e895b784ad4b07de844cb

kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.x86_64.rpm

SHA-256: d3f032a174bd2e3f364c1027b1b7bb4b96d6591160e12b70cd44a8fd48920d02

kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.x86_64.rpm

SHA-256: 59924fd6142ae452108cfc3faafcadfdb8fc862edd0c8979e157a841ca38dc47

Related news

Red Hat Security Advisory 2024-1249-03

Red Hat Security Advisory 2024-1249-03 - An update for kernel is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-7431-01

Red Hat Security Advisory 2023-7431-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-5589-01

Red Hat Security Advisory 2023-5589-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4962-01

Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.

RHSA-2023:4961: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which ...

RHSA-2023:4888: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code l...

RHSA-2023:4541: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Blue...

Red Hat Security Advisory 2023-4262-01

Red Hat Security Advisory 2023-4262-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:4262: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A us...

Red Hat Security Advisory 2023-4145-01

Red Hat Security Advisory 2023-4145-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4126-01

Red Hat Security Advisory 2023-4126-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-4130-01

Red Hat Security Advisory 2023-4130-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2023:4146: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch-4_18_0-193_100_1, kpatch-patch-4_18_0-193_105_1, kpatch-patch-4_18_0-193_95_1, and kpatch-patch-4_18_0-193_98_1 is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user...

RHSA-2023:4138: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1016: A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. * CVE-2022-42703: A memory leak flaw with us...

RHSA-2023:3852: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A use-afte...

RHSA-2023:3461: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connec...

Ubuntu Security Notice USN-6133-1

Ubuntu Security Notice 6133-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information.

Ubuntu Security Notice USN-6071-1

Ubuntu Security Notice 6071-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6070-1

Ubuntu Security Notice 6070-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6069-1

Ubuntu Security Notice 6069-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed.

Red Hat Security Advisory 2023-2148-01

Red Hat Security Advisory 2023-2148-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, out of bounds read, privilege escalation, traversal, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-2458-01

Red Hat Security Advisory 2023-2458-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, out of bounds read, privilege escalation, traversal, and use-after-free vulnerabilities.

RHSA-2023:2458: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26341: A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches. * CVE-2021-33655: An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to c...

RHSA-2023:2148: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26341: A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches. * CVE-2021-33655: An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user t...

Ubuntu Security Notice USN-6047-1

Ubuntu Security Notice 6047-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed.

Ubuntu Security Notice USN-6045-1

Ubuntu Security Notice 6045-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6044-1

Ubuntu Security Notice 6044-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6043-1

Ubuntu Security Notice 6043-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.

Ubuntu Security Notice USN-6029-1

Ubuntu Security Notice 6029-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service.

Ubuntu Security Notice USN-6024-1

Ubuntu Security Notice 6024-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.

CVE-2023-1829: 🐧🕺

A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.

Ubuntu Security Notice USN-5978-1

Ubuntu Security Notice 5978-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.

Ubuntu Security Notice USN-5879-1

Ubuntu Security Notice 5879-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5863-1

Ubuntu Security Notice 5863-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5832-1

Ubuntu Security Notice 5832-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-5794-1

Ubuntu Security Notice 5794-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.