Headline
RHSA-2023:4531: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-42896: A use-after-free flaw was found in the Linux kernel’s implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Bluetooth if within proximity of the victim.
- CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation.
- CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which can later lead to double freeing the structure. This flaw allows a local attacker to cause a use-after-free problem, leading to privilege escalation.
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)
- kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation (CVE-2023-1281)
- kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter (CVE-2023-1829)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.8 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
Fixes
- BZ - 2147364 - CVE-2022-42896 kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c
- BZ - 2181847 - CVE-2023-1281 kernel: tcindex: use-after-free vulnerability in traffic control index filter allows privilege escalation
- BZ - 2188470 - CVE-2023-1829 kernel: Use-after-free vulnerability in the Linux Kernel traffic control index filter
Red Hat Enterprise Linux for x86_64 8
SRPM
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm
SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm
SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm
SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a
x86_64
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.x86_64.rpm
SHA-256: dbc7e1bf1d7edfde845533b4b993bc49e74d925e4e9cf7e623830870f5ea7a4e
kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.x86_64.rpm
SHA-256: 99341f18c0d1dabebdb3ffe91ae5c07aa38a49230b41527f33c5d624505acf12
kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.x86_64.rpm
SHA-256: 9d8bc95d5e0521ff05bd2c8df10fe5a6212fa90c1b644e63640d2099484bfa55
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.x86_64.rpm
SHA-256: c36375a083eb5a979f47e8ab15729d8114c0f76047e03bd59531394f665f4fee
kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.x86_64.rpm
SHA-256: 4deed2c35609c2cc4d4c2bdc34a533931fb7fbc417df419b93be1824f680b2a2
kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.x86_64.rpm
SHA-256: 1fb2e04dba39c629ee9af9b55bd6c00d371b4399898e32a812099b2ea699200a
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.x86_64.rpm
SHA-256: daddda541bab3d191f011fcacf577582cd8113caab1e895b784ad4b07de844cb
kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.x86_64.rpm
SHA-256: d3f032a174bd2e3f364c1027b1b7bb4b96d6591160e12b70cd44a8fd48920d02
kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.x86_64.rpm
SHA-256: 59924fd6142ae452108cfc3faafcadfdb8fc862edd0c8979e157a841ca38dc47
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8
SRPM
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm
SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm
SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm
SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a
x86_64
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.x86_64.rpm
SHA-256: dbc7e1bf1d7edfde845533b4b993bc49e74d925e4e9cf7e623830870f5ea7a4e
kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.x86_64.rpm
SHA-256: 99341f18c0d1dabebdb3ffe91ae5c07aa38a49230b41527f33c5d624505acf12
kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.x86_64.rpm
SHA-256: 9d8bc95d5e0521ff05bd2c8df10fe5a6212fa90c1b644e63640d2099484bfa55
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.x86_64.rpm
SHA-256: c36375a083eb5a979f47e8ab15729d8114c0f76047e03bd59531394f665f4fee
kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.x86_64.rpm
SHA-256: 4deed2c35609c2cc4d4c2bdc34a533931fb7fbc417df419b93be1824f680b2a2
kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.x86_64.rpm
SHA-256: 1fb2e04dba39c629ee9af9b55bd6c00d371b4399898e32a812099b2ea699200a
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.x86_64.rpm
SHA-256: daddda541bab3d191f011fcacf577582cd8113caab1e895b784ad4b07de844cb
kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.x86_64.rpm
SHA-256: d3f032a174bd2e3f364c1027b1b7bb4b96d6591160e12b70cd44a8fd48920d02
kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.x86_64.rpm
SHA-256: 59924fd6142ae452108cfc3faafcadfdb8fc862edd0c8979e157a841ca38dc47
Red Hat Enterprise Linux for Power, little endian 8
SRPM
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm
SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm
SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm
SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a
ppc64le
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.ppc64le.rpm
SHA-256: 1b0260a357c5fa91e11f28e656d764d839873d55ba05670d41bb924ffc527e01
kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.ppc64le.rpm
SHA-256: 36e679f58124d6a9c687a5777cbc8dbbfe65b68ef0ee26f55e2dd2e7f61164ab
kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.ppc64le.rpm
SHA-256: 3a60fa3b8ef261dfe438cb4708c2bf60d4de7f8ed92753ffa3c9277758e9c4ee
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.ppc64le.rpm
SHA-256: c9618340d70cec102df050de2ea04eb70a112111ff1b8a4d11de287d05c8b636
kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.ppc64le.rpm
SHA-256: aeca14eae47d11be53516a6df450b40611e07a910d0174fd46278cc5dae55f0e
kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.ppc64le.rpm
SHA-256: d1d3891ea54c25902c37a8b0ec4f59fed04ae6fcb059c84d99c38681fa85bfb2
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.ppc64le.rpm
SHA-256: 113f72d3cd9fcf1c23007dc8bc68e17aca8b53c09c2b9e2252a2139ca8a43d22
kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.ppc64le.rpm
SHA-256: 4bb9fadb041096f7ae37597c12892b3fd2afe14d1bab3015f5cbcba4f7216493
kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.ppc64le.rpm
SHA-256: 26fce6d96d090fb6d902fa3c22a7ba2896fba101f6fa70eecdf9835bf8554b73
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8
SRPM
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm
SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm
SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm
SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a
ppc64le
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.ppc64le.rpm
SHA-256: 1b0260a357c5fa91e11f28e656d764d839873d55ba05670d41bb924ffc527e01
kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.ppc64le.rpm
SHA-256: 36e679f58124d6a9c687a5777cbc8dbbfe65b68ef0ee26f55e2dd2e7f61164ab
kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.ppc64le.rpm
SHA-256: 3a60fa3b8ef261dfe438cb4708c2bf60d4de7f8ed92753ffa3c9277758e9c4ee
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.ppc64le.rpm
SHA-256: c9618340d70cec102df050de2ea04eb70a112111ff1b8a4d11de287d05c8b636
kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.ppc64le.rpm
SHA-256: aeca14eae47d11be53516a6df450b40611e07a910d0174fd46278cc5dae55f0e
kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.ppc64le.rpm
SHA-256: d1d3891ea54c25902c37a8b0ec4f59fed04ae6fcb059c84d99c38681fa85bfb2
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.ppc64le.rpm
SHA-256: 113f72d3cd9fcf1c23007dc8bc68e17aca8b53c09c2b9e2252a2139ca8a43d22
kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.ppc64le.rpm
SHA-256: 4bb9fadb041096f7ae37597c12892b3fd2afe14d1bab3015f5cbcba4f7216493
kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.ppc64le.rpm
SHA-256: 26fce6d96d090fb6d902fa3c22a7ba2896fba101f6fa70eecdf9835bf8554b73
Red Hat Enterprise Linux Server - TUS 8.8
SRPM
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm
SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm
SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm
SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a
x86_64
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.x86_64.rpm
SHA-256: dbc7e1bf1d7edfde845533b4b993bc49e74d925e4e9cf7e623830870f5ea7a4e
kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.x86_64.rpm
SHA-256: 99341f18c0d1dabebdb3ffe91ae5c07aa38a49230b41527f33c5d624505acf12
kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.x86_64.rpm
SHA-256: 9d8bc95d5e0521ff05bd2c8df10fe5a6212fa90c1b644e63640d2099484bfa55
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.x86_64.rpm
SHA-256: c36375a083eb5a979f47e8ab15729d8114c0f76047e03bd59531394f665f4fee
kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.x86_64.rpm
SHA-256: 4deed2c35609c2cc4d4c2bdc34a533931fb7fbc417df419b93be1824f680b2a2
kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.x86_64.rpm
SHA-256: 1fb2e04dba39c629ee9af9b55bd6c00d371b4399898e32a812099b2ea699200a
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.x86_64.rpm
SHA-256: daddda541bab3d191f011fcacf577582cd8113caab1e895b784ad4b07de844cb
kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.x86_64.rpm
SHA-256: d3f032a174bd2e3f364c1027b1b7bb4b96d6591160e12b70cd44a8fd48920d02
kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.x86_64.rpm
SHA-256: 59924fd6142ae452108cfc3faafcadfdb8fc862edd0c8979e157a841ca38dc47
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8
SRPM
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm
SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm
SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm
SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a
ppc64le
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.ppc64le.rpm
SHA-256: 1b0260a357c5fa91e11f28e656d764d839873d55ba05670d41bb924ffc527e01
kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.ppc64le.rpm
SHA-256: 36e679f58124d6a9c687a5777cbc8dbbfe65b68ef0ee26f55e2dd2e7f61164ab
kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.ppc64le.rpm
SHA-256: 3a60fa3b8ef261dfe438cb4708c2bf60d4de7f8ed92753ffa3c9277758e9c4ee
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.ppc64le.rpm
SHA-256: c9618340d70cec102df050de2ea04eb70a112111ff1b8a4d11de287d05c8b636
kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.ppc64le.rpm
SHA-256: aeca14eae47d11be53516a6df450b40611e07a910d0174fd46278cc5dae55f0e
kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.ppc64le.rpm
SHA-256: d1d3891ea54c25902c37a8b0ec4f59fed04ae6fcb059c84d99c38681fa85bfb2
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.ppc64le.rpm
SHA-256: 113f72d3cd9fcf1c23007dc8bc68e17aca8b53c09c2b9e2252a2139ca8a43d22
kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.ppc64le.rpm
SHA-256: 4bb9fadb041096f7ae37597c12892b3fd2afe14d1bab3015f5cbcba4f7216493
kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.ppc64le.rpm
SHA-256: 26fce6d96d090fb6d902fa3c22a7ba2896fba101f6fa70eecdf9835bf8554b73
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8
SRPM
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.src.rpm
SHA-256: a6f089b1b453ea3f05c8d09eb111fdb432c89828e72ff109c040aaf22a905336
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.src.rpm
SHA-256: 640d06ac2ee48027f4eb79480f9411cf528ec6486682b3430e2996a9809ac919
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.src.rpm
SHA-256: 0a20a04c308c1dcc6aa7766a0bec4d1d01bfbbf1a1f42955ba5862eb22f0423a
x86_64
kpatch-patch-4_18_0-477_10_1-1-2.el8_8.x86_64.rpm
SHA-256: dbc7e1bf1d7edfde845533b4b993bc49e74d925e4e9cf7e623830870f5ea7a4e
kpatch-patch-4_18_0-477_10_1-debuginfo-1-2.el8_8.x86_64.rpm
SHA-256: 99341f18c0d1dabebdb3ffe91ae5c07aa38a49230b41527f33c5d624505acf12
kpatch-patch-4_18_0-477_10_1-debugsource-1-2.el8_8.x86_64.rpm
SHA-256: 9d8bc95d5e0521ff05bd2c8df10fe5a6212fa90c1b644e63640d2099484bfa55
kpatch-patch-4_18_0-477_13_1-1-1.el8_8.x86_64.rpm
SHA-256: c36375a083eb5a979f47e8ab15729d8114c0f76047e03bd59531394f665f4fee
kpatch-patch-4_18_0-477_13_1-debuginfo-1-1.el8_8.x86_64.rpm
SHA-256: 4deed2c35609c2cc4d4c2bdc34a533931fb7fbc417df419b93be1824f680b2a2
kpatch-patch-4_18_0-477_13_1-debugsource-1-1.el8_8.x86_64.rpm
SHA-256: 1fb2e04dba39c629ee9af9b55bd6c00d371b4399898e32a812099b2ea699200a
kpatch-patch-4_18_0-477_15_1-1-1.el8_8.x86_64.rpm
SHA-256: daddda541bab3d191f011fcacf577582cd8113caab1e895b784ad4b07de844cb
kpatch-patch-4_18_0-477_15_1-debuginfo-1-1.el8_8.x86_64.rpm
SHA-256: d3f032a174bd2e3f364c1027b1b7bb4b96d6591160e12b70cd44a8fd48920d02
kpatch-patch-4_18_0-477_15_1-debugsource-1-1.el8_8.x86_64.rpm
SHA-256: 59924fd6142ae452108cfc3faafcadfdb8fc862edd0c8979e157a841ca38dc47
Related news
Red Hat Security Advisory 2024-1249-03 - An update for kernel is now available for Red Hat Enterprise Linux 7. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-7431-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2023-5589-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1829: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The tcindex_delete does not properly deactivate filters, which ...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code l...
An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Blue...
Red Hat Security Advisory 2023-4262-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A us...
Red Hat Security Advisory 2023-4145-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4126-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include denial of service, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-4130-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kpatch-patch-4_18_0-193_100_1, kpatch-patch-4_18_0-193_105_1, kpatch-patch-4_18_0-193_95_1, and kpatch-patch-4_18_0-193_98_1 is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-0461: A use-after-free flaw was found in the Linux kernel’s TLS protocol functionality in how a user installs a tls context (struct tls_context) on a connected TCP socket. This flaw allows a local user...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1016: A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker. * CVE-2022-42703: A memory leak flaw with us...
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-1281: A use-after-free vulnerability was found in the traffic control index filter (tcindex) in the Linux kernel. The imperfect hash area can be updated while packets are traversing. This issue could allow a local attacker to cause a use-after-free problem, leading to privilege escalation. * CVE-2023-32233: A use-afte...
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-42896: A use-after-free flaw was found in the Linux kernel's implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connec...
Ubuntu Security Notice 6133-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 6071-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
Ubuntu Security Notice 6070-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6069-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed.
Red Hat Security Advisory 2023-2148-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, out of bounds read, privilege escalation, traversal, and use-after-free vulnerabilities.
Red Hat Security Advisory 2023-2458-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, out of bounds read, privilege escalation, traversal, and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26341: A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches. * CVE-2021-33655: An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user to c...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-26341: A flaw was found in hw. This issue can cause AMD CPUs to transiently execute beyond unconditional direct branches. * CVE-2021-33655: An out-of-bounds write flaw was found in the Linux kernel’s framebuffer-based console driver functionality in the way a user triggers ioctl FBIOPUT_VSCREENINFO with malicious data. This flaw allows a local user t...
Ubuntu Security Notice 6047-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed.
Ubuntu Security Notice 6045-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6044-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 6043-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for thisCVE, kernel support for the TCINDEX classifier has been removed. It was discovered that the OverlayFS implementation in the Linux kernel did not properly handle copy up operation in some conditions. A local attacker could possibly use this to gain elevated privileges.
Ubuntu Security Notice 6029-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the infrared transceiver USB driver did not properly handle USB control messages. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service.
Ubuntu Security Notice 6024-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Lin Ma discovered a race condition in the io_uring subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while deleting the underlying structure which can later lead to double freeing the structure. A local attacker user can use this vulnerability to elevate its privileges to root. We recommend upgrading past commit 8c710f75256bb3cf05ac7b1672c82b92c43f3d28.
Ubuntu Security Notice 5978-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.
Ubuntu Security Notice 5879-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5863-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5832-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5794-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.