Headline
RHSA-2022:1413: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it
- CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation
- CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-04-19
Updated:
2022-04-19
RHSA-2022:1413 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
- kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)
- kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update RT source tree to the RHEL-8.4.z8 source tree (BZ#2059334)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4 x86_64
Fixes
- BZ - 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
- BZ - 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation
- BZ - 2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.4
SRPM
kernel-rt-4.18.0-305.45.1.rt7.117.el8_4.src.rpm
SHA-256: 37b36ee00d40471d94dbed914ebcdcdcfdf5d351930dc4e71031a49d8ff9c1b8
x86_64
kernel-rt-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 64a2c34a6462dee183f70a4231870afc63c51427f39b8b0b064d65db2b28337d
kernel-rt-core-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: af8f34de65aca49e4fcaa60f38498ede7eafed4e93660ce1d30d7218ba3734ac
kernel-rt-debug-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 26bd39c778865edf8c769f4843b217907889f80ae226dd4070e32625ffc324b8
kernel-rt-debug-core-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: fe64e38a6750034ec04f4394b6886798d6b7031a0385afc72a4ef5b846676268
kernel-rt-debug-debuginfo-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: cf4c9cb2ea1fa3e666fc372c5328efbbc10013cdaf5b3a8c9678a9eda07af94c
kernel-rt-debug-devel-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: dcb02c5b4c0625050fb0254e9a17d04acb30fe34f068ea3d60ed7c8d9051633b
kernel-rt-debug-modules-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: ea634c1042590baee75ed27beaca98b1e7bb81b67183b75075541b0e54bafb19
kernel-rt-debug-modules-extra-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 8bcc04050af9e4390e53b39b8dd8170ae5b909d30dd352f48d66fc7f7bb22b0b
kernel-rt-debuginfo-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: cc4d9214facb72f46024388bb5573341d850289c7cc7acd589cd93c1aa5e4545
kernel-rt-debuginfo-common-x86_64-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 65cf75b673a98cbd6010aee6e7f1652e1aa8c5c461364fee899b0ed04982bf8f
kernel-rt-devel-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: e693a4f39b87718c5339f9deb8924e7f63d6d3103dfd5b93c49ec82dd56d869c
kernel-rt-modules-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: a826c9ca9e7f0b929d372f9b5c363126cf5c66451e86e82f874760579e620ee6
kernel-rt-modules-extra-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 680ed1df458b5a63e1f73ac39b1f9c927dfa7ebf6f35dfe8f3d8d39fc6aa4e3c
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.4
SRPM
kernel-rt-4.18.0-305.45.1.rt7.117.el8_4.src.rpm
SHA-256: 37b36ee00d40471d94dbed914ebcdcdcfdf5d351930dc4e71031a49d8ff9c1b8
x86_64
kernel-rt-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 64a2c34a6462dee183f70a4231870afc63c51427f39b8b0b064d65db2b28337d
kernel-rt-core-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: af8f34de65aca49e4fcaa60f38498ede7eafed4e93660ce1d30d7218ba3734ac
kernel-rt-debug-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 26bd39c778865edf8c769f4843b217907889f80ae226dd4070e32625ffc324b8
kernel-rt-debug-core-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: fe64e38a6750034ec04f4394b6886798d6b7031a0385afc72a4ef5b846676268
kernel-rt-debug-debuginfo-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: cf4c9cb2ea1fa3e666fc372c5328efbbc10013cdaf5b3a8c9678a9eda07af94c
kernel-rt-debug-devel-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: dcb02c5b4c0625050fb0254e9a17d04acb30fe34f068ea3d60ed7c8d9051633b
kernel-rt-debug-kvm-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 7d9d316590e632d756a7e91990d0bc24e4b892d1412f295c1c060b11b433a1a5
kernel-rt-debug-modules-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: ea634c1042590baee75ed27beaca98b1e7bb81b67183b75075541b0e54bafb19
kernel-rt-debug-modules-extra-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 8bcc04050af9e4390e53b39b8dd8170ae5b909d30dd352f48d66fc7f7bb22b0b
kernel-rt-debuginfo-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: cc4d9214facb72f46024388bb5573341d850289c7cc7acd589cd93c1aa5e4545
kernel-rt-debuginfo-common-x86_64-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 65cf75b673a98cbd6010aee6e7f1652e1aa8c5c461364fee899b0ed04982bf8f
kernel-rt-devel-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: e693a4f39b87718c5339f9deb8924e7f63d6d3103dfd5b93c49ec82dd56d869c
kernel-rt-kvm-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 0a8567b684f2b900f17af6be6228748090f4a40799301bc916c485273a0fa8db
kernel-rt-modules-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: a826c9ca9e7f0b929d372f9b5c363126cf5c66451e86e82f874760579e620ee6
kernel-rt-modules-extra-4.18.0-305.45.1.rt7.117.el8_4.x86_64.rpm
SHA-256: 680ed1df458b5a63e1f73ac39b1f9c927dfa7ebf6f35dfe8f3d8d39fc6aa4e3c
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it * CVE-2022-0492: kernel: cgroups v1 release_agent feature may allow privilege escalation * CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
An update for kernel is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-0466: kernel: use after free in eventpoll.c may lead to escalation of privilege * CVE-2021-0920: kernel: Use After Free in unix_gc() which could result in a local privilege escalation * CVE-2021-4155: kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL * CVE-2022-0492: kernel: cgroups v1 release_agent feature may ...
An update for the container-tools:2.0 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27649: podman: Default inheritable capabilities for linux container should be empty * CVE-2022-27651: buildah: Default inheritable capabilities for linux container should be empty
An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-4091: 389-ds-base: double free of the virtual attribute context in persistent search
Invicti Acunetix before 14 allows CSV injection via the Description field on the Add Targets page, if the Export CSV feature is used.
Red Hat OpenShift Virtualization release 2.6.10 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-33195: golang: net: lookup functions may return invalid host names * CVE-2021-33197: golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty * CVE-2021-33198: golang: math/big.Rat: may cause a panic or an unrecoverable fatal error if passed inputs...
A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameter.
An Access Control vulnerability exists in Desire2Learn/D2L Learning Management System (LMS) 20.21.7 via the quizzing feature, which allows a remote malicious user to disable the Disable right click control.
An update is now available for Red Hat Ceph Storage 3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-20288: ceph: Unauthorized global_id reuse in cephx
The Migration Toolkit for Containers (MTC) 1.5.4 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-36221: golang: net/http/httputil: panic due to racy read of persistConn after handler panic
Swimlane’s Asia-Pacific presence grows 173%, highlighting rising demand for low-code security automation.
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0.
Google and other firms are adding security configuration to software so cloud applications and services have well-defined security settings — a key component of DevSecOps.
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
IT departments must account for the business impact and security risks such applications introduce.
Heap buffer overflow issues were found in Opensc before version 0.22.0 in pkcs15-oberthur.c that could potentially crash programs using the library.
Multiple SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.
An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass mitigations and aid additional exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided file.
An exploitable code execution vulnerability exists in the file format parsing functionality of Graphisoft BIMx Desktop Viewer 2019.2.2328. A specially crafted file can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability.
A flaw was found in Ansible Galaxy Collections. When collections are built manually, any files in the repository directory that are not explicitly excluded via the ``build_ignore`` list in "galaxy.yml" include files in the ``.tar.gz`` file. This contains sensitive info, such as the user's Ansible Galaxy API key and any secrets in ``ansible`` or ``ansible-playbook`` verbose output without the``no_log`` redaction. Currently, there is no way to deprecate a Collection Or delete a Collection Version. Once published, anyone who downloads or installs the collection can view the secrets.
A flaw was found in WildFly Elytron. A variation to the use of a session fixation exploit when using Undertow was found despite Undertow switching the session ID after authentication.
There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system.
A heap double free issue was found in Opensc before version 0.22.0 in sc_pkcs15_free_tokeninfo.
The ongoing war in Ukraine means that defenses are only as good and as strong as those with whom we partner.