Headline
RHSA-2023:4230: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-42896: A use-after-free flaw was found in the Linux kernel’s implementation of logical link control and adaptation protocol (L2CAP), part of the Bluetooth stack in the l2cap_connect and l2cap_le_connect_req functions. An attacker with physical access within the range of standard Bluetooth transmission could execute code leaking kernel memory via Bluetooth if within proximity of the victim.
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
Fixes
- BZ - 2147364 - CVE-2022-42896 kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
SRPM
kpatch-patch-5_14_0-70_36_1-1-6.el9_0.src.rpm
kpatch-patch-5_14_0-70_43_1-1-5.el9_0.src.rpm
kpatch-patch-5_14_0-70_49_1-1-4.el9_0.src.rpm
kpatch-patch-5_14_0-70_50_2-1-3.el9_0.src.rpm
kpatch-patch-5_14_0-70_53_1-1-2.el9_0.src.rpm
kpatch-patch-5_14_0-70_58_1-1-1.el9_0.src.rpm
x86_64
kpatch-patch-5_14_0-70_36_1-1-6.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_36_1-debuginfo-1-6.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_36_1-debugsource-1-6.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_43_1-1-5.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_43_1-debuginfo-1-5.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_43_1-debugsource-1-5.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_49_1-1-4.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_49_1-debuginfo-1-4.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_49_1-debugsource-1-4.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_50_2-1-3.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_50_2-debuginfo-1-3.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_50_2-debugsource-1-3.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_53_1-1-2.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_53_1-debuginfo-1-2.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_53_1-debugsource-1-2.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_58_1-1-1.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_58_1-debuginfo-1-1.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_58_1-debugsource-1-1.el9_0.x86_64.rpm
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
SRPM
kpatch-patch-5_14_0-70_36_1-1-6.el9_0.src.rpm
kpatch-patch-5_14_0-70_43_1-1-5.el9_0.src.rpm
kpatch-patch-5_14_0-70_49_1-1-4.el9_0.src.rpm
kpatch-patch-5_14_0-70_50_2-1-3.el9_0.src.rpm
kpatch-patch-5_14_0-70_53_1-1-2.el9_0.src.rpm
kpatch-patch-5_14_0-70_58_1-1-1.el9_0.src.rpm
ppc64le
kpatch-patch-5_14_0-70_36_1-1-6.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_36_1-debuginfo-1-6.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_36_1-debugsource-1-6.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_43_1-1-5.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_43_1-debuginfo-1-5.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_43_1-debugsource-1-5.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_49_1-1-4.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_49_1-debuginfo-1-4.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_49_1-debugsource-1-4.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_50_2-1-3.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_50_2-debuginfo-1-3.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_50_2-debugsource-1-3.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_53_1-1-2.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_53_1-debuginfo-1-2.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_53_1-debugsource-1-2.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_58_1-1-1.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_58_1-debuginfo-1-1.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_58_1-debugsource-1-1.el9_0.ppc64le.rpm
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
SRPM
kpatch-patch-5_14_0-70_36_1-1-6.el9_0.src.rpm
kpatch-patch-5_14_0-70_43_1-1-5.el9_0.src.rpm
kpatch-patch-5_14_0-70_49_1-1-4.el9_0.src.rpm
kpatch-patch-5_14_0-70_50_2-1-3.el9_0.src.rpm
kpatch-patch-5_14_0-70_53_1-1-2.el9_0.src.rpm
kpatch-patch-5_14_0-70_58_1-1-1.el9_0.src.rpm
ppc64le
kpatch-patch-5_14_0-70_36_1-1-6.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_36_1-debuginfo-1-6.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_36_1-debugsource-1-6.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_43_1-1-5.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_43_1-debuginfo-1-5.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_43_1-debugsource-1-5.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_49_1-1-4.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_49_1-debuginfo-1-4.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_49_1-debugsource-1-4.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_50_2-1-3.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_50_2-debuginfo-1-3.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_50_2-debugsource-1-3.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_53_1-1-2.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_53_1-debuginfo-1-2.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_53_1-debugsource-1-2.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_58_1-1-1.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_58_1-debuginfo-1-1.el9_0.ppc64le.rpm
kpatch-patch-5_14_0-70_58_1-debugsource-1-1.el9_0.ppc64le.rpm
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
SRPM
kpatch-patch-5_14_0-70_36_1-1-6.el9_0.src.rpm
kpatch-patch-5_14_0-70_43_1-1-5.el9_0.src.rpm
kpatch-patch-5_14_0-70_49_1-1-4.el9_0.src.rpm
kpatch-patch-5_14_0-70_50_2-1-3.el9_0.src.rpm
kpatch-patch-5_14_0-70_53_1-1-2.el9_0.src.rpm
kpatch-patch-5_14_0-70_58_1-1-1.el9_0.src.rpm
x86_64
kpatch-patch-5_14_0-70_36_1-1-6.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_36_1-debuginfo-1-6.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_36_1-debugsource-1-6.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_43_1-1-5.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_43_1-debuginfo-1-5.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_43_1-debugsource-1-5.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_49_1-1-4.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_49_1-debuginfo-1-4.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_49_1-debugsource-1-4.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_50_2-1-3.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_50_2-debuginfo-1-3.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_50_2-debugsource-1-3.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_53_1-1-2.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_53_1-debuginfo-1-2.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_53_1-debugsource-1-2.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_58_1-1-1.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_58_1-debuginfo-1-1.el9_0.x86_64.rpm
kpatch-patch-5_14_0-70_58_1-debugsource-1-1.el9_0.x86_64.rpm