Headline
RHSA-2022:6978: Red Hat Security Advisory: kpatch-patch security update
An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
- Red Hat Enterprise Linux Server - AUS 8.4 x86_64
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.4 x86_64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64
Fixes
- BZ - 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4
SRPM
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.src.rpm
SHA-256: eafabef3c77b1d9a9fcf3e25e9cf8103fea13369c29f571ea587f24151ee50dd
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.src.rpm
SHA-256: 3436efb34421cfb20fd0708e118e82f3419ef03ec9d7e02dbd13b3616cd49430
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.src.rpm
SHA-256: 74d2dc32cde2a36ab3b6a8d8b61389f7b58b292977f7ffb30f66d3a7fc86fb7e
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.src.rpm
SHA-256: af80933ff067d417feade88f961296018e0b240f7c904fa0a8d1d7dffb50bb03
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.src.rpm
SHA-256: 747fe3a52ade764707f8494bfcd44bb4d37bd20ed33395a66961c46f2c6d0ad9
x86_64
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.x86_64.rpm
SHA-256: 8a4bd1976486d941665cfef66199969683171dac04441b592c845bab28ea42f8
kpatch-patch-4_18_0-305_25_1-debuginfo-1-9.el8_4.x86_64.rpm
SHA-256: d0b8f33fce028678f57db880ad59dcddfe82c85336a629891d77a2d3d72a4abe
kpatch-patch-4_18_0-305_25_1-debugsource-1-9.el8_4.x86_64.rpm
SHA-256: 88cde8e529ad37e95d5329daf09e05d3c5646db3dd3c89a94daccd8d3b3f8057
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.x86_64.rpm
SHA-256: b658c31c578052f313c7123d84d574815ee987e6d58fdbd01b098d1ff535e5eb
kpatch-patch-4_18_0-305_45_1-debuginfo-1-3.el8_4.x86_64.rpm
SHA-256: 3de8e46c2dc47e7d867fffd18a991158a7426d48e79f4f07625958e87dad5109
kpatch-patch-4_18_0-305_45_1-debugsource-1-3.el8_4.x86_64.rpm
SHA-256: bf4fbdc500201400edef9ad093c1adad0364539968461273328e4d89172c1c1e
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.x86_64.rpm
SHA-256: 0b4bba29ed719d4ae6334734f1cddd6bfbef8a8eb7088831c518b1ddfdca6591
kpatch-patch-4_18_0-305_49_1-debuginfo-1-2.el8_4.x86_64.rpm
SHA-256: 82a45ef28cc575a58695c7ab6a721ed944c9c51a5b9b37f2b1fc33dab1b91e1b
kpatch-patch-4_18_0-305_49_1-debugsource-1-2.el8_4.x86_64.rpm
SHA-256: 28cba60d8d42bc75efc3950818c10d8ab27040dad3ab2bdd4691997f2118db5f
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.x86_64.rpm
SHA-256: 4c7e579a0cef9db8b5d89935532da78ec9b003766dc691ada59a7906801eb8ca
kpatch-patch-4_18_0-305_57_1-debuginfo-1-1.el8_4.x86_64.rpm
SHA-256: 124ab26f441f31a15ef11fa3effd8fee4f182365b34abce3bd34911d17284743
kpatch-patch-4_18_0-305_57_1-debugsource-1-1.el8_4.x86_64.rpm
SHA-256: d694255be1db067b9b1a18748fa1a33c3f1469a370f575a29c2627c9d7386ae3
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.x86_64.rpm
SHA-256: 45f2a5f10525225d45d5693a9307ddf55d5a1fda53eea0afcde6a117ebb63d1d
kpatch-patch-4_18_0-305_62_1-debuginfo-1-1.el8_4.x86_64.rpm
SHA-256: abca73f32122336d925f4e76b5babb3eb85752a6a248f79deccc18819a62bda2
kpatch-patch-4_18_0-305_62_1-debugsource-1-1.el8_4.x86_64.rpm
SHA-256: e875e7898923f36d6f318d481e37b51049c1993b088696f49c42ee765b82ee11
Red Hat Enterprise Linux Server - AUS 8.4
SRPM
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.src.rpm
SHA-256: eafabef3c77b1d9a9fcf3e25e9cf8103fea13369c29f571ea587f24151ee50dd
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.src.rpm
SHA-256: 3436efb34421cfb20fd0708e118e82f3419ef03ec9d7e02dbd13b3616cd49430
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.src.rpm
SHA-256: 74d2dc32cde2a36ab3b6a8d8b61389f7b58b292977f7ffb30f66d3a7fc86fb7e
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.src.rpm
SHA-256: af80933ff067d417feade88f961296018e0b240f7c904fa0a8d1d7dffb50bb03
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.src.rpm
SHA-256: 747fe3a52ade764707f8494bfcd44bb4d37bd20ed33395a66961c46f2c6d0ad9
x86_64
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.x86_64.rpm
SHA-256: 8a4bd1976486d941665cfef66199969683171dac04441b592c845bab28ea42f8
kpatch-patch-4_18_0-305_25_1-debuginfo-1-9.el8_4.x86_64.rpm
SHA-256: d0b8f33fce028678f57db880ad59dcddfe82c85336a629891d77a2d3d72a4abe
kpatch-patch-4_18_0-305_25_1-debugsource-1-9.el8_4.x86_64.rpm
SHA-256: 88cde8e529ad37e95d5329daf09e05d3c5646db3dd3c89a94daccd8d3b3f8057
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.x86_64.rpm
SHA-256: b658c31c578052f313c7123d84d574815ee987e6d58fdbd01b098d1ff535e5eb
kpatch-patch-4_18_0-305_45_1-debuginfo-1-3.el8_4.x86_64.rpm
SHA-256: 3de8e46c2dc47e7d867fffd18a991158a7426d48e79f4f07625958e87dad5109
kpatch-patch-4_18_0-305_45_1-debugsource-1-3.el8_4.x86_64.rpm
SHA-256: bf4fbdc500201400edef9ad093c1adad0364539968461273328e4d89172c1c1e
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.x86_64.rpm
SHA-256: 0b4bba29ed719d4ae6334734f1cddd6bfbef8a8eb7088831c518b1ddfdca6591
kpatch-patch-4_18_0-305_49_1-debuginfo-1-2.el8_4.x86_64.rpm
SHA-256: 82a45ef28cc575a58695c7ab6a721ed944c9c51a5b9b37f2b1fc33dab1b91e1b
kpatch-patch-4_18_0-305_49_1-debugsource-1-2.el8_4.x86_64.rpm
SHA-256: 28cba60d8d42bc75efc3950818c10d8ab27040dad3ab2bdd4691997f2118db5f
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.x86_64.rpm
SHA-256: 4c7e579a0cef9db8b5d89935532da78ec9b003766dc691ada59a7906801eb8ca
kpatch-patch-4_18_0-305_57_1-debuginfo-1-1.el8_4.x86_64.rpm
SHA-256: 124ab26f441f31a15ef11fa3effd8fee4f182365b34abce3bd34911d17284743
kpatch-patch-4_18_0-305_57_1-debugsource-1-1.el8_4.x86_64.rpm
SHA-256: d694255be1db067b9b1a18748fa1a33c3f1469a370f575a29c2627c9d7386ae3
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.x86_64.rpm
SHA-256: 45f2a5f10525225d45d5693a9307ddf55d5a1fda53eea0afcde6a117ebb63d1d
kpatch-patch-4_18_0-305_62_1-debuginfo-1-1.el8_4.x86_64.rpm
SHA-256: abca73f32122336d925f4e76b5babb3eb85752a6a248f79deccc18819a62bda2
kpatch-patch-4_18_0-305_62_1-debugsource-1-1.el8_4.x86_64.rpm
SHA-256: e875e7898923f36d6f318d481e37b51049c1993b088696f49c42ee765b82ee11
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4
SRPM
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.src.rpm
SHA-256: eafabef3c77b1d9a9fcf3e25e9cf8103fea13369c29f571ea587f24151ee50dd
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.src.rpm
SHA-256: 3436efb34421cfb20fd0708e118e82f3419ef03ec9d7e02dbd13b3616cd49430
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.src.rpm
SHA-256: 74d2dc32cde2a36ab3b6a8d8b61389f7b58b292977f7ffb30f66d3a7fc86fb7e
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.src.rpm
SHA-256: af80933ff067d417feade88f961296018e0b240f7c904fa0a8d1d7dffb50bb03
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.src.rpm
SHA-256: 747fe3a52ade764707f8494bfcd44bb4d37bd20ed33395a66961c46f2c6d0ad9
ppc64le
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.ppc64le.rpm
SHA-256: f4ca789bf15468619164e33d3c36ac4bfe1d585a9c9c07bea6fa6f97c04fdcf1
kpatch-patch-4_18_0-305_25_1-debuginfo-1-9.el8_4.ppc64le.rpm
SHA-256: 7d33ca1e01b382474cdeb67e4efa81599f0ff703375ad1c3370a5338f251c2e5
kpatch-patch-4_18_0-305_25_1-debugsource-1-9.el8_4.ppc64le.rpm
SHA-256: a750c382507940cd4bd88b54f1044d03a404502c121a4a628ba7e7362fc56125
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.ppc64le.rpm
SHA-256: 9cc370c4867c40d968f98ec657fa46168c8d4121690f8dcac1ee3e2bf5c29f83
kpatch-patch-4_18_0-305_45_1-debuginfo-1-3.el8_4.ppc64le.rpm
SHA-256: 88cbf599a85d196944ff42bcb52d3f87f9cbf4ed06ba7d9e95e9db036b2a075c
kpatch-patch-4_18_0-305_45_1-debugsource-1-3.el8_4.ppc64le.rpm
SHA-256: 3105182441b19da7bfcc019061319a93ed5ef6bbcef4107ce273c014e8766fb1
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.ppc64le.rpm
SHA-256: d117d1cc41cf257a5278ab0a2add60c3cad842b88cb3e5bbebfecfd1e24a4696
kpatch-patch-4_18_0-305_49_1-debuginfo-1-2.el8_4.ppc64le.rpm
SHA-256: 9d9b16fd833052eab9076f89e47fb5a448324ac1242709d464fd9868ad734ffa
kpatch-patch-4_18_0-305_49_1-debugsource-1-2.el8_4.ppc64le.rpm
SHA-256: 28e128b6eb1922c287cd49fb191501a661402a45e0c6c3230cb43ca5eaf14f03
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.ppc64le.rpm
SHA-256: 439af8232cae28b8abbfd06e03726f7aa9368345123433bf2ad02d3f6a9f63ae
kpatch-patch-4_18_0-305_57_1-debuginfo-1-1.el8_4.ppc64le.rpm
SHA-256: fa55d6c3af9eff5b92c82cb9724996d72d43dcea53ef215d389b579614edfd27
kpatch-patch-4_18_0-305_57_1-debugsource-1-1.el8_4.ppc64le.rpm
SHA-256: cc969165de301cd27f6bb1c024df1fe71aa1636ce2faebe2a0a0695d915372b9
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.ppc64le.rpm
SHA-256: c82c0e64aca335ef735ea61aa69c24f017bef380c61d96bb5a943b4987c6821a
kpatch-patch-4_18_0-305_62_1-debuginfo-1-1.el8_4.ppc64le.rpm
SHA-256: 2c2c54fedd7babcb840bc97b8f3efd55f71e27160be9c03969a0c69718fef9c5
kpatch-patch-4_18_0-305_62_1-debugsource-1-1.el8_4.ppc64le.rpm
SHA-256: c51615c049eadfde6d0be5ac8a9c76e6c03caa89c5fec54e40c4645a64972d52
Red Hat Enterprise Linux Server - TUS 8.4
SRPM
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.src.rpm
SHA-256: eafabef3c77b1d9a9fcf3e25e9cf8103fea13369c29f571ea587f24151ee50dd
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.src.rpm
SHA-256: 3436efb34421cfb20fd0708e118e82f3419ef03ec9d7e02dbd13b3616cd49430
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.src.rpm
SHA-256: 74d2dc32cde2a36ab3b6a8d8b61389f7b58b292977f7ffb30f66d3a7fc86fb7e
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.src.rpm
SHA-256: af80933ff067d417feade88f961296018e0b240f7c904fa0a8d1d7dffb50bb03
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.src.rpm
SHA-256: 747fe3a52ade764707f8494bfcd44bb4d37bd20ed33395a66961c46f2c6d0ad9
x86_64
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.x86_64.rpm
SHA-256: 8a4bd1976486d941665cfef66199969683171dac04441b592c845bab28ea42f8
kpatch-patch-4_18_0-305_25_1-debuginfo-1-9.el8_4.x86_64.rpm
SHA-256: d0b8f33fce028678f57db880ad59dcddfe82c85336a629891d77a2d3d72a4abe
kpatch-patch-4_18_0-305_25_1-debugsource-1-9.el8_4.x86_64.rpm
SHA-256: 88cde8e529ad37e95d5329daf09e05d3c5646db3dd3c89a94daccd8d3b3f8057
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.x86_64.rpm
SHA-256: b658c31c578052f313c7123d84d574815ee987e6d58fdbd01b098d1ff535e5eb
kpatch-patch-4_18_0-305_45_1-debuginfo-1-3.el8_4.x86_64.rpm
SHA-256: 3de8e46c2dc47e7d867fffd18a991158a7426d48e79f4f07625958e87dad5109
kpatch-patch-4_18_0-305_45_1-debugsource-1-3.el8_4.x86_64.rpm
SHA-256: bf4fbdc500201400edef9ad093c1adad0364539968461273328e4d89172c1c1e
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.x86_64.rpm
SHA-256: 0b4bba29ed719d4ae6334734f1cddd6bfbef8a8eb7088831c518b1ddfdca6591
kpatch-patch-4_18_0-305_49_1-debuginfo-1-2.el8_4.x86_64.rpm
SHA-256: 82a45ef28cc575a58695c7ab6a721ed944c9c51a5b9b37f2b1fc33dab1b91e1b
kpatch-patch-4_18_0-305_49_1-debugsource-1-2.el8_4.x86_64.rpm
SHA-256: 28cba60d8d42bc75efc3950818c10d8ab27040dad3ab2bdd4691997f2118db5f
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.x86_64.rpm
SHA-256: 4c7e579a0cef9db8b5d89935532da78ec9b003766dc691ada59a7906801eb8ca
kpatch-patch-4_18_0-305_57_1-debuginfo-1-1.el8_4.x86_64.rpm
SHA-256: 124ab26f441f31a15ef11fa3effd8fee4f182365b34abce3bd34911d17284743
kpatch-patch-4_18_0-305_57_1-debugsource-1-1.el8_4.x86_64.rpm
SHA-256: d694255be1db067b9b1a18748fa1a33c3f1469a370f575a29c2627c9d7386ae3
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.x86_64.rpm
SHA-256: 45f2a5f10525225d45d5693a9307ddf55d5a1fda53eea0afcde6a117ebb63d1d
kpatch-patch-4_18_0-305_62_1-debuginfo-1-1.el8_4.x86_64.rpm
SHA-256: abca73f32122336d925f4e76b5babb3eb85752a6a248f79deccc18819a62bda2
kpatch-patch-4_18_0-305_62_1-debugsource-1-1.el8_4.x86_64.rpm
SHA-256: e875e7898923f36d6f318d481e37b51049c1993b088696f49c42ee765b82ee11
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4
SRPM
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.src.rpm
SHA-256: eafabef3c77b1d9a9fcf3e25e9cf8103fea13369c29f571ea587f24151ee50dd
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.src.rpm
SHA-256: 3436efb34421cfb20fd0708e118e82f3419ef03ec9d7e02dbd13b3616cd49430
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.src.rpm
SHA-256: 74d2dc32cde2a36ab3b6a8d8b61389f7b58b292977f7ffb30f66d3a7fc86fb7e
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.src.rpm
SHA-256: af80933ff067d417feade88f961296018e0b240f7c904fa0a8d1d7dffb50bb03
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.src.rpm
SHA-256: 747fe3a52ade764707f8494bfcd44bb4d37bd20ed33395a66961c46f2c6d0ad9
ppc64le
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.ppc64le.rpm
SHA-256: f4ca789bf15468619164e33d3c36ac4bfe1d585a9c9c07bea6fa6f97c04fdcf1
kpatch-patch-4_18_0-305_25_1-debuginfo-1-9.el8_4.ppc64le.rpm
SHA-256: 7d33ca1e01b382474cdeb67e4efa81599f0ff703375ad1c3370a5338f251c2e5
kpatch-patch-4_18_0-305_25_1-debugsource-1-9.el8_4.ppc64le.rpm
SHA-256: a750c382507940cd4bd88b54f1044d03a404502c121a4a628ba7e7362fc56125
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.ppc64le.rpm
SHA-256: 9cc370c4867c40d968f98ec657fa46168c8d4121690f8dcac1ee3e2bf5c29f83
kpatch-patch-4_18_0-305_45_1-debuginfo-1-3.el8_4.ppc64le.rpm
SHA-256: 88cbf599a85d196944ff42bcb52d3f87f9cbf4ed06ba7d9e95e9db036b2a075c
kpatch-patch-4_18_0-305_45_1-debugsource-1-3.el8_4.ppc64le.rpm
SHA-256: 3105182441b19da7bfcc019061319a93ed5ef6bbcef4107ce273c014e8766fb1
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.ppc64le.rpm
SHA-256: d117d1cc41cf257a5278ab0a2add60c3cad842b88cb3e5bbebfecfd1e24a4696
kpatch-patch-4_18_0-305_49_1-debuginfo-1-2.el8_4.ppc64le.rpm
SHA-256: 9d9b16fd833052eab9076f89e47fb5a448324ac1242709d464fd9868ad734ffa
kpatch-patch-4_18_0-305_49_1-debugsource-1-2.el8_4.ppc64le.rpm
SHA-256: 28e128b6eb1922c287cd49fb191501a661402a45e0c6c3230cb43ca5eaf14f03
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.ppc64le.rpm
SHA-256: 439af8232cae28b8abbfd06e03726f7aa9368345123433bf2ad02d3f6a9f63ae
kpatch-patch-4_18_0-305_57_1-debuginfo-1-1.el8_4.ppc64le.rpm
SHA-256: fa55d6c3af9eff5b92c82cb9724996d72d43dcea53ef215d389b579614edfd27
kpatch-patch-4_18_0-305_57_1-debugsource-1-1.el8_4.ppc64le.rpm
SHA-256: cc969165de301cd27f6bb1c024df1fe71aa1636ce2faebe2a0a0695d915372b9
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.ppc64le.rpm
SHA-256: c82c0e64aca335ef735ea61aa69c24f017bef380c61d96bb5a943b4987c6821a
kpatch-patch-4_18_0-305_62_1-debuginfo-1-1.el8_4.ppc64le.rpm
SHA-256: 2c2c54fedd7babcb840bc97b8f3efd55f71e27160be9c03969a0c69718fef9c5
kpatch-patch-4_18_0-305_62_1-debugsource-1-1.el8_4.ppc64le.rpm
SHA-256: c51615c049eadfde6d0be5ac8a9c76e6c03caa89c5fec54e40c4645a64972d52
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4
SRPM
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.src.rpm
SHA-256: eafabef3c77b1d9a9fcf3e25e9cf8103fea13369c29f571ea587f24151ee50dd
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.src.rpm
SHA-256: 3436efb34421cfb20fd0708e118e82f3419ef03ec9d7e02dbd13b3616cd49430
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.src.rpm
SHA-256: 74d2dc32cde2a36ab3b6a8d8b61389f7b58b292977f7ffb30f66d3a7fc86fb7e
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.src.rpm
SHA-256: af80933ff067d417feade88f961296018e0b240f7c904fa0a8d1d7dffb50bb03
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.src.rpm
SHA-256: 747fe3a52ade764707f8494bfcd44bb4d37bd20ed33395a66961c46f2c6d0ad9
x86_64
kpatch-patch-4_18_0-305_25_1-1-9.el8_4.x86_64.rpm
SHA-256: 8a4bd1976486d941665cfef66199969683171dac04441b592c845bab28ea42f8
kpatch-patch-4_18_0-305_25_1-debuginfo-1-9.el8_4.x86_64.rpm
SHA-256: d0b8f33fce028678f57db880ad59dcddfe82c85336a629891d77a2d3d72a4abe
kpatch-patch-4_18_0-305_25_1-debugsource-1-9.el8_4.x86_64.rpm
SHA-256: 88cde8e529ad37e95d5329daf09e05d3c5646db3dd3c89a94daccd8d3b3f8057
kpatch-patch-4_18_0-305_45_1-1-3.el8_4.x86_64.rpm
SHA-256: b658c31c578052f313c7123d84d574815ee987e6d58fdbd01b098d1ff535e5eb
kpatch-patch-4_18_0-305_45_1-debuginfo-1-3.el8_4.x86_64.rpm
SHA-256: 3de8e46c2dc47e7d867fffd18a991158a7426d48e79f4f07625958e87dad5109
kpatch-patch-4_18_0-305_45_1-debugsource-1-3.el8_4.x86_64.rpm
SHA-256: bf4fbdc500201400edef9ad093c1adad0364539968461273328e4d89172c1c1e
kpatch-patch-4_18_0-305_49_1-1-2.el8_4.x86_64.rpm
SHA-256: 0b4bba29ed719d4ae6334734f1cddd6bfbef8a8eb7088831c518b1ddfdca6591
kpatch-patch-4_18_0-305_49_1-debuginfo-1-2.el8_4.x86_64.rpm
SHA-256: 82a45ef28cc575a58695c7ab6a721ed944c9c51a5b9b37f2b1fc33dab1b91e1b
kpatch-patch-4_18_0-305_49_1-debugsource-1-2.el8_4.x86_64.rpm
SHA-256: 28cba60d8d42bc75efc3950818c10d8ab27040dad3ab2bdd4691997f2118db5f
kpatch-patch-4_18_0-305_57_1-1-1.el8_4.x86_64.rpm
SHA-256: 4c7e579a0cef9db8b5d89935532da78ec9b003766dc691ada59a7906801eb8ca
kpatch-patch-4_18_0-305_57_1-debuginfo-1-1.el8_4.x86_64.rpm
SHA-256: 124ab26f441f31a15ef11fa3effd8fee4f182365b34abce3bd34911d17284743
kpatch-patch-4_18_0-305_57_1-debugsource-1-1.el8_4.x86_64.rpm
SHA-256: d694255be1db067b9b1a18748fa1a33c3f1469a370f575a29c2627c9d7386ae3
kpatch-patch-4_18_0-305_62_1-1-1.el8_4.x86_64.rpm
SHA-256: 45f2a5f10525225d45d5693a9307ddf55d5a1fda53eea0afcde6a117ebb63d1d
kpatch-patch-4_18_0-305_62_1-debuginfo-1-1.el8_4.x86_64.rpm
SHA-256: abca73f32122336d925f4e76b5babb3eb85752a6a248f79deccc18819a62bda2
kpatch-patch-4_18_0-305_62_1-debugsource-1-1.el8_4.x86_64.rpm
SHA-256: e875e7898923f36d6f318d481e37b51049c1993b088696f49c42ee765b82ee11
Related news
Red Hat Security Advisory 2023-4023-01 - The kpatch management tool provides a kernel patching infrastructure which allows you to patch a running kernel without rebooting or restarting any processes. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.
Red Hat OpenShift Container Platform release 4.8.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go...
Logging Subsystem 5.5.4 - Red Hat OpenShift Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
Red Hat Security Advisory 2022-7216-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.9.51. Issues addressed include code execution and memory leak vulnerabilities.
Red Hat Security Advisory 2022-7337-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include code execution, privilege escalation, and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-7201-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.12. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2022-7211-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.39. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2022-7279-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete c...
Red Hat Security Advisory 2022-7146-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Red Hat Security Advisory 2022-6983-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45485: kernel: information leak in the IPv6 implementation * CVE-2021-45486: kernel: information leak in the IPv4 implementation * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CV...
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-45485: kernel: information leak in the IPv6 implementation * CVE-2021-45486: kernel: information leak in the IPv4 implementation * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) *...
Red Hat Security Advisory 2022-6872-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation * CVE-2022-21123: hw: cpu: Incomplete cleanup of multi-core shared buffers (aka SBDR) * CVE-2022-21125: hw: cpu: Incomplete cleanup of microarchitectural fill buffers (aka SBDS) * CVE-2022-21166: hw: cpu: Incomplete clea...
Red Hat Security Advisory 2022-6551-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, information leakage, privilege escalation, and use-after...
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs * CVE-2022-...
Ubuntu Security Notice 5588-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code.
Details of an eight-year-old security vulnerability in the Linux kernel have emerged that the researchers say is "as nasty as Dirty Pipe." Dubbed DirtyCred by a group of academics from Northwestern University, the security weakness exploits a previously unknown flaw (CVE-2022-2588) to escalate privileges to the maximum level. "DirtyCred is a kernel exploitation concept that swaps unprivileged
Ubuntu Security Notice 5567-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5560-2 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 5560-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.