RHSA-2023:0392: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2964: kernel: memory corruption in AX88179_178A based USB ethernet device.
Issued: 2023-01-24
Updated: 2023-01-24
RHSA-2023:0392 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update RT source tree to the latest RHEL-8.2.z23 Batch (BZ#2150054)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
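An added example, not part of Red Hat's advisory: a shell check that classifies a host against the fixed kernel-rt build listed under the updated packages, separating "update installed but not yet rebooted" from "still vulnerable". Assumptions: `sort -V` is used as an approximation of RPM version ordering within the 4.18.0-193.*.el8_2 stream, the installed build is read from `kernel-rt-core`, and `ax88179_178a` is taken as the kernel module name of the driver named in CVE-2022-2964.

```shell
#!/bin/sh
# Added example, not from the advisory: triage one host against RHSA-2023:0392.
FIXED="4.18.0-193.98.1.rt13.149.el8_2"   # fixed kernel-rt build listed in the advisory

# Drop the architecture suffix so `uname -r` output lines up with VERSION-RELEASE.
strip_arch() { printf '%s\n' "${1%.x86_64}"; }

# True when $1 is the same as or newer than $2. Assumption: `sort -V` stands in
# for RPM version ordering, which holds inside one 4.18.0-193.*.el8_2 stream.
ver_ge() {
  [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)" = "$1" ]
}

# assess RUNNING INSTALLED -> not-rt | patched | reboot-pending | vulnerable
assess() {
  running=$(strip_arch "$1")
  installed=$(strip_arch "$2")
  case "$running" in
    *.rt*) ;;                               # real-time kernel, keep going
    *) echo "not-rt"; return 0 ;;           # covered by a different advisory
  esac
  if ver_ge "$running" "$FIXED"; then
    echo "patched"
  elif [ -n "$installed" ] && ver_ge "$installed" "$FIXED"; then
    echo "reboot-pending"                   # fixed build on disk, old one running
  else
    echo "vulnerable"
  fi
}

# True when the AX88179_178A driver module appears in /proc/modules-style text.
driver_loaded() { printf '%s\n' "$1" | grep -q '^ax88179_178a '; }

# Gather live values from the host and print the verdict.
check_host() {
  if out=$(rpm -q --qf '%{VERSION}-%{RELEASE}\n' kernel-rt-core 2>/dev/null); then
    newest=$(printf '%s\n' "$out" | sort -V | tail -n 1)
  else
    newest=""                               # rpm missing or package not installed
  fi
  echo "kernel-rt status: $(assess "$(uname -r)" "$newest")"
  if driver_loaded "$(cat /proc/modules 2>/dev/null)"; then
    echo "ax88179_178a is loaded"
  else
    echo "ax88179_178a is not loaded"
  fi
}

if [ "${1:-}" = "--check" ]; then check_host; fi
```

Run it with `--check` on the host; a `reboot-pending` result is the state the reboot requirement above refers to.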
Affected Products
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64
Fixes
- BZ - 2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2
SRPM
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.src.rpm
SHA-256: c2c46ee2e4d40d14b4e4600a0fd5a1dc14fe3e4cadeee68c9eb92b7a172f3e09
x86_64
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: a59fed5e3ee7288e7d5ba3a2e290f30172406b7188507350e1f435e2d675575b
kernel-rt-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 9aaa90e56cff8818c3fec6f146e174097c52a18b1185caea4639fbc8ae0bc832
kernel-rt-debug-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 7f0bd9bc94a7ecc5ff3b1ad68261dfb82e9b013b1818053d90b3790eca44bb3f
kernel-rt-debug-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 3053842d301c63443cfac4bc5530705fd0818a7e9f7cb25a9956ca77a508213b
kernel-rt-debug-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 3096d46ba4a81620390a7c4773ac06991416f4597b1c861abbffe9d140acadea
kernel-rt-debug-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 41ee6066ce53921beea4a25bbedba95670ec1edf5e7106034e1f05eccc8b5fea
kernel-rt-debug-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: e3a4e10c073707fa26546617e52ba32e2102027c8d73f35c53d7d5061db5f405
kernel-rt-debug-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 6b259884ca0254b4c57f7d8e2a208aeed262c3d81650c3ebc50061eb280f4777
kernel-rt-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: d93113fb8dab2b2ef9649b94f9b2403ce03e4b02b27f5f8347260e7a3543eff7
kernel-rt-debuginfo-common-x86_64-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: f4205c3dd7ab7c6ef50f8713da09833a8207854f2c0da0b202be3dd4e27a8e59
kernel-rt-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 14676c314386335a3886337cd5563dbcda3ccdf7c789aee92384c34fee822e2d
kernel-rt-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 995f270c8c2edb9171191bbcf1dd8cb688e0ca37bb15d918e2decf25a2edafd8
kernel-rt-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: afca8a02d9b6a2dfb85721b926388e0f82bd49a573bbe6a535f599474a366d4a
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2
SRPM
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.src.rpm
SHA-256: c2c46ee2e4d40d14b4e4600a0fd5a1dc14fe3e4cadeee68c9eb92b7a172f3e09
x86_64
kernel-rt-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: a59fed5e3ee7288e7d5ba3a2e290f30172406b7188507350e1f435e2d675575b
kernel-rt-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 9aaa90e56cff8818c3fec6f146e174097c52a18b1185caea4639fbc8ae0bc832
kernel-rt-debug-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 7f0bd9bc94a7ecc5ff3b1ad68261dfb82e9b013b1818053d90b3790eca44bb3f
kernel-rt-debug-core-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 3053842d301c63443cfac4bc5530705fd0818a7e9f7cb25a9956ca77a508213b
kernel-rt-debug-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 3096d46ba4a81620390a7c4773ac06991416f4597b1c861abbffe9d140acadea
kernel-rt-debug-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 41ee6066ce53921beea4a25bbedba95670ec1edf5e7106034e1f05eccc8b5fea
kernel-rt-debug-kvm-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: a0e4faa7b1cf81242cfd6cd516cb4733155d741728557bced9629094c442899c
kernel-rt-debug-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: e3a4e10c073707fa26546617e52ba32e2102027c8d73f35c53d7d5061db5f405
kernel-rt-debug-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 6b259884ca0254b4c57f7d8e2a208aeed262c3d81650c3ebc50061eb280f4777
kernel-rt-debuginfo-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: d93113fb8dab2b2ef9649b94f9b2403ce03e4b02b27f5f8347260e7a3543eff7
kernel-rt-debuginfo-common-x86_64-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: f4205c3dd7ab7c6ef50f8713da09833a8207854f2c0da0b202be3dd4e27a8e59
kernel-rt-devel-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 14676c314386335a3886337cd5563dbcda3ccdf7c789aee92384c34fee822e2d
kernel-rt-kvm-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 2d56f15812237c2cb41225c6f1ed849615ac1eec7aa9221f306ddf836e0320f6
kernel-rt-modules-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: 995f270c8c2edb9171191bbcf1dd8cb688e0ca37bb15d918e2decf25a2edafd8
kernel-rt-modules-extra-4.18.0-193.98.1.rt13.149.el8_2.x86_64.rpm
SHA-256: afca8a02d9b6a2dfb85721b926388e0f82bd49a573bbe6a535f599474a366d4a
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.