RHSA-2022:8831: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
- CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region (CVE-2022-1158)
- kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6 x86_64
- Red Hat Enterprise Linux Server - AUS 8.6 x86_64
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.6 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64
Fixes
- BZ - 2069793 - CVE-2022-1158 kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
- BZ - 2084479 - CVE-2022-2639 kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.6
SRPM
kpatch-patch-4_18_0-372_13_1-1-3.el8_6.src.rpm
kpatch-patch-4_18_0-372_16_1-1-3.el8_6.src.rpm
kpatch-patch-4_18_0-372_19_1-1-2.el8_6.src.rpm
kpatch-patch-4_18_0-372_26_1-1-2.el8_6.src.rpm
kpatch-patch-4_18_0-372_32_1-1-1.el8_6.src.rpm
kpatch-patch-4_18_0-372_9_1-1-4.el8.src.rpm
x86_64
kpatch-patch-4_18_0-372_13_1-1-3.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_13_1-debuginfo-1-3.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_13_1-debugsource-1-3.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_16_1-1-3.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_16_1-debuginfo-1-3.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_16_1-debugsource-1-3.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_19_1-1-2.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_19_1-debuginfo-1-2.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_19_1-debugsource-1-2.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_26_1-1-2.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_26_1-debuginfo-1-2.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_26_1-debugsource-1-2.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_32_1-1-1.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_32_1-debuginfo-1-1.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_32_1-debugsource-1-1.el8_6.x86_64.rpm
kpatch-patch-4_18_0-372_9_1-1-4.el8.x86_64.rpm
kpatch-patch-4_18_0-372_9_1-debuginfo-1-4.el8.x86_64.rpm
kpatch-patch-4_18_0-372_9_1-debugsource-1-4.el8.x86_64.rpm
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.6
SRPM
kpatch-patch-4_18_0-372_13_1-1-3.el8_6.src.rpm
kpatch-patch-4_18_0-372_16_1-1-3.el8_6.src.rpm
kpatch-patch-4_18_0-372_19_1-1-2.el8_6.src.rpm
kpatch-patch-4_18_0-372_26_1-1-2.el8_6.src.rpm
kpatch-patch-4_18_0-372_32_1-1-1.el8_6.src.rpm
kpatch-patch-4_18_0-372_9_1-1-4.el8.src.rpm
ppc64le
kpatch-patch-4_18_0-372_13_1-1-3.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_13_1-debuginfo-1-3.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_13_1-debugsource-1-3.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_16_1-1-3.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_16_1-debuginfo-1-3.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_16_1-debugsource-1-3.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_19_1-1-2.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_19_1-debuginfo-1-2.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_19_1-debugsource-1-2.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_26_1-1-2.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_26_1-debuginfo-1-2.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_26_1-debugsource-1-2.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_32_1-1-1.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_32_1-debuginfo-1-1.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_32_1-debugsource-1-1.el8_6.ppc64le.rpm
kpatch-patch-4_18_0-372_9_1-1-4.el8.ppc64le.rpm
kpatch-patch-4_18_0-372_9_1-debuginfo-1-4.el8.ppc64le.rpm
kpatch-patch-4_18_0-372_9_1-debugsource-1-4.el8.ppc64le.rpm
Related news
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
Red Hat Security Advisory 2023-0059-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat OpenShift Container Platform release 4.9.54 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)
Red Hat Security Advisory 2022-9082-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow, out of bounds write, and privilege escalation vulnerabilities.
Red Hat OpenShift Container Platform release 4.11.20 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: golang: crash in a golang.org/x/crypto/ssh server
Red Hat Security Advisory 2022-8973-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, code execution, memory leak, out of bounds write, and privilege escalation vulnerabilities.
Red Hat Security Advisory 2022-8941-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include an out of bounds write vulnerability.
An update for kernel is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() * CVE-2022-2959: kernel: watch queue race condition can lead to privilege escalation * CVE-2022-21123: hw: cpu: incomplete clean-up of multi-co...
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Openshift Logging Bug Fix Release (5.3.14) Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-36518: jackson-databind: denial of service via a large depth of nested objects * CVE-2022-42003: jackson-databind: deep wrapper array nesting wrt UNWRAP_SINGLE_VALUE_ARRAYS * CVE-2022-42004: jackson-databind: use of deeply nested arrays
Red Hat Security Advisory 2022-8831-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2022-8809-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.
Red Hat Security Advisory 2022-8809-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an out of bounds write vulnerability.
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
An update for kernel is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-2639: kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
Red Hat Security Advisory 2022-8686-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-1158: kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region
Red Hat Security Advisory 2022-7933-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include code execution, denial of service, double free, information leakage, null pointer, out of bounds access, out of bounds write, privilege escalation, and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2022-0168: kernel: smb2_ioctl_query_info NULL pointer dereference * CVE-2022-0617: kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback * CVE-2022-0854: ...
An update for kernel-rt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2022-0168: kernel: smb2_ioctl_query_info NULL pointer dereference * CVE-2022-0617: kernel: NULL pointer dereference in udf_expand_file_adinicbdue() during writeback * CVE-2022-085...
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2020-36516: kernel: off-path attacker may inject data or terminate victim's TCP session * CVE-2020-36558: kernel: race condition in VT_RESIZEX ioctl when vc_cons[i].d is already NULL leading to NULL pointer dereference * CVE-2021-3640: kernel: use-after-free vulnerability in function sco_sock_sendmsg() * CVE-2021-30002: kernel: memory leak for large arguments...
Ubuntu Security Notice 5650-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
A flaw was found in KVM. When updating a guest's page table entry, vm_pgoff was improperly used as the offset to get the page's pfn. As vaddr and vm_pgoff are controllable by user-mode processes, this flaw allows unprivileged local users on the host to write outside the userspace region and potentially corrupt the kernel, resulting in a denial of service condition.
Ubuntu Security Notice 5469-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5468-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5416-1 - Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest VM could possibly use this to crash the host OS. It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service.