RHSA-2022:7885: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
Issued: 2022-11-09
Updated: 2022-11-09
RHSA-2022:7885 - Security Advisory
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kpatch management tool provides a kernel patching infrastructure which
allows you to patch a running kernel without rebooting or restarting any
processes.
Security Fix(es):
- kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2 x86_64
Fixes
- BZ - 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.2
SRPM
kpatch-patch-4_18_0-193_80_1-1-2.el8_2.src.rpm
kpatch-patch-4_18_0-193_81_1-1-2.el8_2.src.rpm
kpatch-patch-4_18_0-193_87_1-1-1.el8_2.src.rpm
kpatch-patch-4_18_0-193_90_1-1-1.el8_2.src.rpm
kpatch-patch-4_18_0-193_91_1-1-1.el8_2.src.rpm
ppc64le
kpatch-patch-4_18_0-193_80_1-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_80_1-debuginfo-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_80_1-debugsource-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_81_1-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_81_1-debuginfo-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_81_1-debugsource-1-2.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_87_1-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_87_1-debuginfo-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_87_1-debugsource-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_90_1-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_90_1-debuginfo-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_90_1-debugsource-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_91_1-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_91_1-debuginfo-1-1.el8_2.ppc64le.rpm
kpatch-patch-4_18_0-193_91_1-debugsource-1-1.el8_2.ppc64le.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.2
SRPM
kpatch-patch-4_18_0-193_80_1-1-2.el8_2.src.rpm
kpatch-patch-4_18_0-193_81_1-1-2.el8_2.src.rpm
kpatch-patch-4_18_0-193_87_1-1-1.el8_2.src.rpm
kpatch-patch-4_18_0-193_90_1-1-1.el8_2.src.rpm
kpatch-patch-4_18_0-193_91_1-1-1.el8_2.src.rpm
x86_64
kpatch-patch-4_18_0-193_80_1-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_80_1-debuginfo-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_80_1-debugsource-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_81_1-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_81_1-debuginfo-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_81_1-debugsource-1-2.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_87_1-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_87_1-debuginfo-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_87_1-debugsource-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_90_1-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_90_1-debuginfo-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_90_1-debugsource-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_91_1-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_91_1-debuginfo-1-1.el8_2.x86_64.rpm
kpatch-patch-4_18_0-193_91_1-debugsource-1-1.el8_2.x86_64.rpm
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.