Headline
RHSA-2022:1373: Red Hat Security Advisory: kpatch-patch security update
An update is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-0920: kernel: Use After Free in unix_gc() which could result in a local privilege escalation
- CVE-2021-4028: kernel: use-after-free in RDMA listen()
- CVE-2021-4083: kernel: fget: check that the fd still exists after getting a ref to it
- CVE-2022-22942: kernel: failing usercopy allows for use-after-free exploitation
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
- kernel: use-after-free in RDMA listen() (CVE-2021-4028)
- kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
- kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server - AUS 7.7 x86_64
- Red Hat Enterprise Linux Server - TUS 7.7 x86_64
- Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7 ppc64le
- Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7 x86_64
Fixes
- BZ - 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
- BZ - 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
- BZ - 2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation
- BZ - 2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation
CVEs
- CVE-2021-0920
- CVE-2021-4028
- CVE-2021-4083
- CVE-2022-22942
Red Hat Enterprise Linux Server - AUS 7.7
SRPM
kpatch-patch-3_10_0-1062_49_1-1-6.el7.src.rpm
SHA-256: fdaa3cd889f0e3ff414b72a046347897516f79b087d4f6ab7aad7dbad690b4f6
kpatch-patch-3_10_0-1062_51_1-1-6.el7.src.rpm
SHA-256: 9ca07f63f5f6847116f1322930fd588d23d25979ae4c1c0ee29f1160bc940ef6
kpatch-patch-3_10_0-1062_52_2-1-5.el7.src.rpm
SHA-256: ddcbf8f04db3900c3dfa17ec22570d7a44d33b2fd802cc76d7eb8d86f2cc0ddb
kpatch-patch-3_10_0-1062_56_1-1-4.el7.src.rpm
SHA-256: 08ef9acbfd93b6cd736c41504bf9af9aa87da1e8e81f8c381725f13611dfffe0
kpatch-patch-3_10_0-1062_59_1-1-2.el7.src.rpm
SHA-256: b5cea73a70f6fbcf408182dfd722e8f64c020b8b5f1d4a37d07a1ded1cfafb54
kpatch-patch-3_10_0-1062_60_1-1-2.el7.src.rpm
SHA-256: 5a088261a4a2a021a9d6e7cc190397dd3b5bc4f2928bdf69a91c01c64aecec5f
kpatch-patch-3_10_0-1062_61_1-1-2.el7.src.rpm
SHA-256: 39c70a92bea5c1c0e5a05712ec11a1d8e21323b9a3c79ed2a0f0b991fc76369e
kpatch-patch-3_10_0-1062_63_1-1-1.el7.src.rpm
SHA-256: 4c54addeae80c07f3a8a05a5f99e209864c1d7664b5ae8c116c90fd6aa94eac8
x86_64
kpatch-patch-3_10_0-1062_49_1-1-6.el7.x86_64.rpm
SHA-256: c3a10eb997ab1ef69923ab86380d24fd1c5be047043cb198ca57e42d363f988b
kpatch-patch-3_10_0-1062_49_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 002f7ef3ed1f1099f8a27b729181bedf246b94a0b0d6fa9251324bb6fb678f2f
kpatch-patch-3_10_0-1062_51_1-1-6.el7.x86_64.rpm
SHA-256: de6649da4f60d8a59129931f520a39041fa219b37b69450cec9604300ba579c5
kpatch-patch-3_10_0-1062_51_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 9a34ca5c6fb532ad17d5e3c0e1b7f09ca0f39e4f4e0a08ee5144b8d1c6499b8b
kpatch-patch-3_10_0-1062_52_2-1-5.el7.x86_64.rpm
SHA-256: 21451839412e99cff733c55ad4f71db364b7f91c6e77bc6840d3a90521e07129
kpatch-patch-3_10_0-1062_52_2-debuginfo-1-5.el7.x86_64.rpm
SHA-256: 37dd94d4c7e746948153b633f1d5d55dbcce3260ddd6866b0e12fcef5cb5da8d
kpatch-patch-3_10_0-1062_56_1-1-4.el7.x86_64.rpm
SHA-256: 4c22bab0000bef9c3c55ef5617559f1f474a36050d8083680dfa5206df4255f4
kpatch-patch-3_10_0-1062_56_1-debuginfo-1-4.el7.x86_64.rpm
SHA-256: 23c9a566a5239b95a0e534c29b6d510634bb42a7221f9c568e3991ad1246414a
kpatch-patch-3_10_0-1062_59_1-1-2.el7.x86_64.rpm
SHA-256: 640a74726403d19b0ecf9a4fda2244767ff72aadf86fee184f5d09cb6b0fd50c
kpatch-patch-3_10_0-1062_59_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 02e13e2fd616eed7fd8753f2216cfb53c5664e7786609bde3895e6bfb758f18d
kpatch-patch-3_10_0-1062_60_1-1-2.el7.x86_64.rpm
SHA-256: 8d9c626c13627a29603f509144759ffb7fc1b378100e409e9aefa6c6536d59e2
kpatch-patch-3_10_0-1062_60_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 882056359ccc5387fe56cbe670989a3e2d6655a6601cd8deb04a46c816d5dcfa
kpatch-patch-3_10_0-1062_61_1-1-2.el7.x86_64.rpm
SHA-256: b5653c53c1fa4ddec5de38766f6fbfd161fc51a1dc1a14f095fec2bdecfc1beb
kpatch-patch-3_10_0-1062_61_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 92663751adbaa3e5d889c56db068c318de9c86dc548c0538c9d9481f26824c3a
kpatch-patch-3_10_0-1062_63_1-1-1.el7.x86_64.rpm
SHA-256: 3705330f342aa699a09e033f8832e87eac84b32c2a2556c951f65599361a1cd6
kpatch-patch-3_10_0-1062_63_1-debuginfo-1-1.el7.x86_64.rpm
SHA-256: 8e434168dfb0c4e7bbf7cac37646913a33a53812a931be41c6da637002539280
Red Hat Enterprise Linux Server - TUS 7.7
SRPM
kpatch-patch-3_10_0-1062_49_1-1-6.el7.src.rpm
SHA-256: fdaa3cd889f0e3ff414b72a046347897516f79b087d4f6ab7aad7dbad690b4f6
kpatch-patch-3_10_0-1062_51_1-1-6.el7.src.rpm
SHA-256: 9ca07f63f5f6847116f1322930fd588d23d25979ae4c1c0ee29f1160bc940ef6
kpatch-patch-3_10_0-1062_52_2-1-5.el7.src.rpm
SHA-256: ddcbf8f04db3900c3dfa17ec22570d7a44d33b2fd802cc76d7eb8d86f2cc0ddb
kpatch-patch-3_10_0-1062_56_1-1-4.el7.src.rpm
SHA-256: 08ef9acbfd93b6cd736c41504bf9af9aa87da1e8e81f8c381725f13611dfffe0
kpatch-patch-3_10_0-1062_59_1-1-2.el7.src.rpm
SHA-256: b5cea73a70f6fbcf408182dfd722e8f64c020b8b5f1d4a37d07a1ded1cfafb54
kpatch-patch-3_10_0-1062_60_1-1-2.el7.src.rpm
SHA-256: 5a088261a4a2a021a9d6e7cc190397dd3b5bc4f2928bdf69a91c01c64aecec5f
kpatch-patch-3_10_0-1062_61_1-1-2.el7.src.rpm
SHA-256: 39c70a92bea5c1c0e5a05712ec11a1d8e21323b9a3c79ed2a0f0b991fc76369e
kpatch-patch-3_10_0-1062_63_1-1-1.el7.src.rpm
SHA-256: 4c54addeae80c07f3a8a05a5f99e209864c1d7664b5ae8c116c90fd6aa94eac8
x86_64
kpatch-patch-3_10_0-1062_49_1-1-6.el7.x86_64.rpm
SHA-256: c3a10eb997ab1ef69923ab86380d24fd1c5be047043cb198ca57e42d363f988b
kpatch-patch-3_10_0-1062_49_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 002f7ef3ed1f1099f8a27b729181bedf246b94a0b0d6fa9251324bb6fb678f2f
kpatch-patch-3_10_0-1062_51_1-1-6.el7.x86_64.rpm
SHA-256: de6649da4f60d8a59129931f520a39041fa219b37b69450cec9604300ba579c5
kpatch-patch-3_10_0-1062_51_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 9a34ca5c6fb532ad17d5e3c0e1b7f09ca0f39e4f4e0a08ee5144b8d1c6499b8b
kpatch-patch-3_10_0-1062_52_2-1-5.el7.x86_64.rpm
SHA-256: 21451839412e99cff733c55ad4f71db364b7f91c6e77bc6840d3a90521e07129
kpatch-patch-3_10_0-1062_52_2-debuginfo-1-5.el7.x86_64.rpm
SHA-256: 37dd94d4c7e746948153b633f1d5d55dbcce3260ddd6866b0e12fcef5cb5da8d
kpatch-patch-3_10_0-1062_56_1-1-4.el7.x86_64.rpm
SHA-256: 4c22bab0000bef9c3c55ef5617559f1f474a36050d8083680dfa5206df4255f4
kpatch-patch-3_10_0-1062_56_1-debuginfo-1-4.el7.x86_64.rpm
SHA-256: 23c9a566a5239b95a0e534c29b6d510634bb42a7221f9c568e3991ad1246414a
kpatch-patch-3_10_0-1062_59_1-1-2.el7.x86_64.rpm
SHA-256: 640a74726403d19b0ecf9a4fda2244767ff72aadf86fee184f5d09cb6b0fd50c
kpatch-patch-3_10_0-1062_59_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 02e13e2fd616eed7fd8753f2216cfb53c5664e7786609bde3895e6bfb758f18d
kpatch-patch-3_10_0-1062_60_1-1-2.el7.x86_64.rpm
SHA-256: 8d9c626c13627a29603f509144759ffb7fc1b378100e409e9aefa6c6536d59e2
kpatch-patch-3_10_0-1062_60_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 882056359ccc5387fe56cbe670989a3e2d6655a6601cd8deb04a46c816d5dcfa
kpatch-patch-3_10_0-1062_61_1-1-2.el7.x86_64.rpm
SHA-256: b5653c53c1fa4ddec5de38766f6fbfd161fc51a1dc1a14f095fec2bdecfc1beb
kpatch-patch-3_10_0-1062_61_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 92663751adbaa3e5d889c56db068c318de9c86dc548c0538c9d9481f26824c3a
kpatch-patch-3_10_0-1062_63_1-1-1.el7.x86_64.rpm
SHA-256: 3705330f342aa699a09e033f8832e87eac84b32c2a2556c951f65599361a1cd6
kpatch-patch-3_10_0-1062_63_1-debuginfo-1-1.el7.x86_64.rpm
SHA-256: 8e434168dfb0c4e7bbf7cac37646913a33a53812a931be41c6da637002539280
Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.7
SRPM
kpatch-patch-3_10_0-1062_49_1-1-6.el7.src.rpm
SHA-256: fdaa3cd889f0e3ff414b72a046347897516f79b087d4f6ab7aad7dbad690b4f6
kpatch-patch-3_10_0-1062_51_1-1-6.el7.src.rpm
SHA-256: 9ca07f63f5f6847116f1322930fd588d23d25979ae4c1c0ee29f1160bc940ef6
kpatch-patch-3_10_0-1062_52_2-1-5.el7.src.rpm
SHA-256: ddcbf8f04db3900c3dfa17ec22570d7a44d33b2fd802cc76d7eb8d86f2cc0ddb
kpatch-patch-3_10_0-1062_56_1-1-4.el7.src.rpm
SHA-256: 08ef9acbfd93b6cd736c41504bf9af9aa87da1e8e81f8c381725f13611dfffe0
kpatch-patch-3_10_0-1062_59_1-1-2.el7.src.rpm
SHA-256: b5cea73a70f6fbcf408182dfd722e8f64c020b8b5f1d4a37d07a1ded1cfafb54
kpatch-patch-3_10_0-1062_60_1-1-2.el7.src.rpm
SHA-256: 5a088261a4a2a021a9d6e7cc190397dd3b5bc4f2928bdf69a91c01c64aecec5f
kpatch-patch-3_10_0-1062_61_1-1-2.el7.src.rpm
SHA-256: 39c70a92bea5c1c0e5a05712ec11a1d8e21323b9a3c79ed2a0f0b991fc76369e
kpatch-patch-3_10_0-1062_63_1-1-1.el7.src.rpm
SHA-256: 4c54addeae80c07f3a8a05a5f99e209864c1d7664b5ae8c116c90fd6aa94eac8
ppc64le
kpatch-patch-3_10_0-1062_49_1-1-6.el7.ppc64le.rpm
SHA-256: 2e972f2ead659eeed8269be6fc5747c28b9c46c6d6f1c9cd455c07fc958086d2
kpatch-patch-3_10_0-1062_49_1-debuginfo-1-6.el7.ppc64le.rpm
SHA-256: 5679b4c5f9b30fbf81c963b564cb167e385089baf0a1d6a739f874cc005b44cb
kpatch-patch-3_10_0-1062_51_1-1-6.el7.ppc64le.rpm
SHA-256: adff79dd56f2579d9190867b8f9dd7e4f15558b40d606c82b07caf6fa8fbd671
kpatch-patch-3_10_0-1062_51_1-debuginfo-1-6.el7.ppc64le.rpm
SHA-256: 3e6b8837b9b875299c8a2bc31416ec0aedb2c2299d869bbe9e73721158baafa4
kpatch-patch-3_10_0-1062_52_2-1-5.el7.ppc64le.rpm
SHA-256: 20567e3db3dcb38bd835caf6a54594dd7f6005737d49d9ad08f84e9c4ccfa591
kpatch-patch-3_10_0-1062_52_2-debuginfo-1-5.el7.ppc64le.rpm
SHA-256: fa5fe638ed7e96ed90151d58c3e8e4a94b56f4351475ed6bc94c1b2410b34099
kpatch-patch-3_10_0-1062_56_1-1-4.el7.ppc64le.rpm
SHA-256: c4cc418bdbacf08f2aae0380d5ee4877231cad78234ded7f923c68f941315fef
kpatch-patch-3_10_0-1062_56_1-debuginfo-1-4.el7.ppc64le.rpm
SHA-256: bc500d3e4d7b2f292bc74ab8cae795123e11360c1b119a2a59985ae7a50879ac
kpatch-patch-3_10_0-1062_59_1-1-2.el7.ppc64le.rpm
SHA-256: d0a8405aadbd7a22af9414d4d46423581bff8d9765eebf531c03c7f67635bcce
kpatch-patch-3_10_0-1062_59_1-debuginfo-1-2.el7.ppc64le.rpm
SHA-256: 2d3ab0a44cb1772c9ddc866717e6e2d8fee40f3b56247a5da844fe59bd98c401
kpatch-patch-3_10_0-1062_60_1-1-2.el7.ppc64le.rpm
SHA-256: ed1299ffcc90367a40dfb83ce162114602876dd83f623e0ab4935601098d9b57
kpatch-patch-3_10_0-1062_60_1-debuginfo-1-2.el7.ppc64le.rpm
SHA-256: 92d126446d35bb05c3b63f3f4d69e7f462041cf299893446783bb5dc5765ccdc
kpatch-patch-3_10_0-1062_61_1-1-2.el7.ppc64le.rpm
SHA-256: 162d4af352e017b33fd36ea3288ac0b5bd29df711cefe9fc73e17be2eddacabe
kpatch-patch-3_10_0-1062_61_1-debuginfo-1-2.el7.ppc64le.rpm
SHA-256: c38f9a8e425c5e162261b8668cd81a4cc141a24112f3864dc54e50b05f6e271e
kpatch-patch-3_10_0-1062_63_1-1-1.el7.ppc64le.rpm
SHA-256: 37280b09e53536dc66255b770dd2ab22bd45240b85be0aa35f0e7c342f3d9d13
kpatch-patch-3_10_0-1062_63_1-debuginfo-1-1.el7.ppc64le.rpm
SHA-256: d699aec07ae2a526a55095b79bad96195087f8bbe0ebf8a5614e7484eb3fb44d
Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.7
SRPM
kpatch-patch-3_10_0-1062_49_1-1-6.el7.src.rpm
SHA-256: fdaa3cd889f0e3ff414b72a046347897516f79b087d4f6ab7aad7dbad690b4f6
kpatch-patch-3_10_0-1062_51_1-1-6.el7.src.rpm
SHA-256: 9ca07f63f5f6847116f1322930fd588d23d25979ae4c1c0ee29f1160bc940ef6
kpatch-patch-3_10_0-1062_52_2-1-5.el7.src.rpm
SHA-256: ddcbf8f04db3900c3dfa17ec22570d7a44d33b2fd802cc76d7eb8d86f2cc0ddb
kpatch-patch-3_10_0-1062_56_1-1-4.el7.src.rpm
SHA-256: 08ef9acbfd93b6cd736c41504bf9af9aa87da1e8e81f8c381725f13611dfffe0
kpatch-patch-3_10_0-1062_59_1-1-2.el7.src.rpm
SHA-256: b5cea73a70f6fbcf408182dfd722e8f64c020b8b5f1d4a37d07a1ded1cfafb54
kpatch-patch-3_10_0-1062_60_1-1-2.el7.src.rpm
SHA-256: 5a088261a4a2a021a9d6e7cc190397dd3b5bc4f2928bdf69a91c01c64aecec5f
kpatch-patch-3_10_0-1062_61_1-1-2.el7.src.rpm
SHA-256: 39c70a92bea5c1c0e5a05712ec11a1d8e21323b9a3c79ed2a0f0b991fc76369e
kpatch-patch-3_10_0-1062_63_1-1-1.el7.src.rpm
SHA-256: 4c54addeae80c07f3a8a05a5f99e209864c1d7664b5ae8c116c90fd6aa94eac8
x86_64
kpatch-patch-3_10_0-1062_49_1-1-6.el7.x86_64.rpm
SHA-256: c3a10eb997ab1ef69923ab86380d24fd1c5be047043cb198ca57e42d363f988b
kpatch-patch-3_10_0-1062_49_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 002f7ef3ed1f1099f8a27b729181bedf246b94a0b0d6fa9251324bb6fb678f2f
kpatch-patch-3_10_0-1062_51_1-1-6.el7.x86_64.rpm
SHA-256: de6649da4f60d8a59129931f520a39041fa219b37b69450cec9604300ba579c5
kpatch-patch-3_10_0-1062_51_1-debuginfo-1-6.el7.x86_64.rpm
SHA-256: 9a34ca5c6fb532ad17d5e3c0e1b7f09ca0f39e4f4e0a08ee5144b8d1c6499b8b
kpatch-patch-3_10_0-1062_52_2-1-5.el7.x86_64.rpm
SHA-256: 21451839412e99cff733c55ad4f71db364b7f91c6e77bc6840d3a90521e07129
kpatch-patch-3_10_0-1062_52_2-debuginfo-1-5.el7.x86_64.rpm
SHA-256: 37dd94d4c7e746948153b633f1d5d55dbcce3260ddd6866b0e12fcef5cb5da8d
kpatch-patch-3_10_0-1062_56_1-1-4.el7.x86_64.rpm
SHA-256: 4c22bab0000bef9c3c55ef5617559f1f474a36050d8083680dfa5206df4255f4
kpatch-patch-3_10_0-1062_56_1-debuginfo-1-4.el7.x86_64.rpm
SHA-256: 23c9a566a5239b95a0e534c29b6d510634bb42a7221f9c568e3991ad1246414a
kpatch-patch-3_10_0-1062_59_1-1-2.el7.x86_64.rpm
SHA-256: 640a74726403d19b0ecf9a4fda2244767ff72aadf86fee184f5d09cb6b0fd50c
kpatch-patch-3_10_0-1062_59_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 02e13e2fd616eed7fd8753f2216cfb53c5664e7786609bde3895e6bfb758f18d
kpatch-patch-3_10_0-1062_60_1-1-2.el7.x86_64.rpm
SHA-256: 8d9c626c13627a29603f509144759ffb7fc1b378100e409e9aefa6c6536d59e2
kpatch-patch-3_10_0-1062_60_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 882056359ccc5387fe56cbe670989a3e2d6655a6601cd8deb04a46c816d5dcfa
kpatch-patch-3_10_0-1062_61_1-1-2.el7.x86_64.rpm
SHA-256: b5653c53c1fa4ddec5de38766f6fbfd161fc51a1dc1a14f095fec2bdecfc1beb
kpatch-patch-3_10_0-1062_61_1-debuginfo-1-2.el7.x86_64.rpm
SHA-256: 92663751adbaa3e5d889c56db068c318de9c86dc548c0538c9d9481f26824c3a
kpatch-patch-3_10_0-1062_63_1-1-1.el7.x86_64.rpm
SHA-256: 3705330f342aa699a09e033f8832e87eac84b32c2a2556c951f65599361a1cd6
kpatch-patch-3_10_0-1062_63_1-debuginfo-1-1.el7.x86_64.rpm
SHA-256: 8e434168dfb0c4e7bbf7cac37646913a33a53812a931be41c6da637002539280