Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:7171: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation
Red Hat Security Data
#vulnerability#linux#red_hat#sap

Synopsis

Important: kernel security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • backports from upstream for netfilter (BZ#2120635)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server - AUS 7.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 7.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6 x86_64

Fixes

  • BZ - 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

Red Hat Enterprise Linux Server - AUS 7.6

SRPM

kernel-3.10.0-957.99.1.el7.src.rpm

SHA-256: c6d071180c4b2cd43f5b4cc0d10dbc93d0f5987b8a6c03f4fa92f25100f531b0

x86_64

bpftool-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 1220973e1f750c91fe4fae9a7049ba8d3c8fe32076a890caf8ebeb46927c6f95

kernel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: e030e6ca1a33fb23bb569a83cd33edeaa6d8385e290c69e89272dcd656f6ad9a

kernel-abi-whitelists-3.10.0-957.99.1.el7.noarch.rpm

SHA-256: 72513cf79a43387d7037266208b0fca7519d6e08c89b7b2a179b6905eb75f1cf

kernel-debug-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 4ac364b31a0268a12a37cc40708b15f8c23d9dfbebaf4af75cb24edebc3296c9

kernel-debug-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 0a5a7a909cea917f0f7d6247f5abb832156e58ef6ab5f6d25d8db436c9ecd0c4

kernel-debug-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 0a5a7a909cea917f0f7d6247f5abb832156e58ef6ab5f6d25d8db436c9ecd0c4

kernel-debug-devel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 557a9b2c33a7bac91116f70c96d4f3a32b55d1be01e4687eb7ad2ab78ebccee8

kernel-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 6ef4ed63e05b4aec511c3461b61b6ab7e8b59daeeed0b9d2dfb02fa36172b54e

kernel-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 6ef4ed63e05b4aec511c3461b61b6ab7e8b59daeeed0b9d2dfb02fa36172b54e

kernel-debuginfo-common-x86_64-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 51d989a704b0d29642bda6113900c4777f1041751d7042c87a3b80c893565044

kernel-debuginfo-common-x86_64-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 51d989a704b0d29642bda6113900c4777f1041751d7042c87a3b80c893565044

kernel-devel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 4487cbf8b63afc6f25f80bd3a59b48843d77c0b00879bb6ad4eb15280ae7bbd1

kernel-doc-3.10.0-957.99.1.el7.noarch.rpm

SHA-256: 664944233e848ccb4129d771e9cd26986cd2d9cfe6ea9257b5972465ff477d09

kernel-headers-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: b17bd8840098ad3535fb33c0838b9dc43ae6939ef2b2c22617cc4fd1f47f5dce

kernel-tools-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 7c35bab6c3c708c1659968e2e1bf271afd6d03709352a24d25bd88d24160f857

kernel-tools-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 52f4d4853b8ea9a0854bb7fd41ecfcc6e8d6ede72d153c0fe00e47fd4a7554f9

kernel-tools-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 52f4d4853b8ea9a0854bb7fd41ecfcc6e8d6ede72d153c0fe00e47fd4a7554f9

kernel-tools-libs-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: c91b836e7e445a1e4f70185635a5aeca20697ef43b72b426d9863940a6c6320c

kernel-tools-libs-devel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 12014d8a07045713dda23d0e31f757d2075cb7e7e6f5ee6cf64d8ae727860122

perf-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 764c6344d5c26a299cb33ac1c7d1da99088beafc3bff46130bc5b7a3c4c997fc

perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 3a6848a35712a60c821c097b92c22059f586dce93ec66f329d27ea8b29e3f7ce

perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 3a6848a35712a60c821c097b92c22059f586dce93ec66f329d27ea8b29e3f7ce

python-perf-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: fa1612b1d8f2fd1daa5bb84c7e9b0d33568f073cbcaf26eff09e0b5da1350028

python-perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 7e88a9cf4c5e909fa4608927f455a0a5fd16ad9dd7584603ebf2275929b2216c

python-perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 7e88a9cf4c5e909fa4608927f455a0a5fd16ad9dd7584603ebf2275929b2216c

Red Hat Enterprise Linux Server - TUS 7.6

SRPM

kernel-3.10.0-957.99.1.el7.src.rpm

SHA-256: c6d071180c4b2cd43f5b4cc0d10dbc93d0f5987b8a6c03f4fa92f25100f531b0

x86_64

bpftool-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 1220973e1f750c91fe4fae9a7049ba8d3c8fe32076a890caf8ebeb46927c6f95

kernel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: e030e6ca1a33fb23bb569a83cd33edeaa6d8385e290c69e89272dcd656f6ad9a

kernel-abi-whitelists-3.10.0-957.99.1.el7.noarch.rpm

SHA-256: 72513cf79a43387d7037266208b0fca7519d6e08c89b7b2a179b6905eb75f1cf

kernel-debug-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 4ac364b31a0268a12a37cc40708b15f8c23d9dfbebaf4af75cb24edebc3296c9

kernel-debug-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 0a5a7a909cea917f0f7d6247f5abb832156e58ef6ab5f6d25d8db436c9ecd0c4

kernel-debug-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 0a5a7a909cea917f0f7d6247f5abb832156e58ef6ab5f6d25d8db436c9ecd0c4

kernel-debug-devel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 557a9b2c33a7bac91116f70c96d4f3a32b55d1be01e4687eb7ad2ab78ebccee8

kernel-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 6ef4ed63e05b4aec511c3461b61b6ab7e8b59daeeed0b9d2dfb02fa36172b54e

kernel-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 6ef4ed63e05b4aec511c3461b61b6ab7e8b59daeeed0b9d2dfb02fa36172b54e

kernel-debuginfo-common-x86_64-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 51d989a704b0d29642bda6113900c4777f1041751d7042c87a3b80c893565044

kernel-debuginfo-common-x86_64-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 51d989a704b0d29642bda6113900c4777f1041751d7042c87a3b80c893565044

kernel-devel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 4487cbf8b63afc6f25f80bd3a59b48843d77c0b00879bb6ad4eb15280ae7bbd1

kernel-doc-3.10.0-957.99.1.el7.noarch.rpm

SHA-256: 664944233e848ccb4129d771e9cd26986cd2d9cfe6ea9257b5972465ff477d09

kernel-headers-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: b17bd8840098ad3535fb33c0838b9dc43ae6939ef2b2c22617cc4fd1f47f5dce

kernel-tools-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 7c35bab6c3c708c1659968e2e1bf271afd6d03709352a24d25bd88d24160f857

kernel-tools-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 52f4d4853b8ea9a0854bb7fd41ecfcc6e8d6ede72d153c0fe00e47fd4a7554f9

kernel-tools-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 52f4d4853b8ea9a0854bb7fd41ecfcc6e8d6ede72d153c0fe00e47fd4a7554f9

kernel-tools-libs-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: c91b836e7e445a1e4f70185635a5aeca20697ef43b72b426d9863940a6c6320c

kernel-tools-libs-devel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 12014d8a07045713dda23d0e31f757d2075cb7e7e6f5ee6cf64d8ae727860122

perf-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 764c6344d5c26a299cb33ac1c7d1da99088beafc3bff46130bc5b7a3c4c997fc

perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 3a6848a35712a60c821c097b92c22059f586dce93ec66f329d27ea8b29e3f7ce

perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 3a6848a35712a60c821c097b92c22059f586dce93ec66f329d27ea8b29e3f7ce

python-perf-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: fa1612b1d8f2fd1daa5bb84c7e9b0d33568f073cbcaf26eff09e0b5da1350028

python-perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 7e88a9cf4c5e909fa4608927f455a0a5fd16ad9dd7584603ebf2275929b2216c

python-perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 7e88a9cf4c5e909fa4608927f455a0a5fd16ad9dd7584603ebf2275929b2216c

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.6

SRPM

kernel-3.10.0-957.99.1.el7.src.rpm

SHA-256: c6d071180c4b2cd43f5b4cc0d10dbc93d0f5987b8a6c03f4fa92f25100f531b0

ppc64le

kernel-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 3c8438a4d07867824598b0f01c1e1959e07e017ee53eb129cb4908e6538b73d2

kernel-abi-whitelists-3.10.0-957.99.1.el7.noarch.rpm

SHA-256: 72513cf79a43387d7037266208b0fca7519d6e08c89b7b2a179b6905eb75f1cf

kernel-bootwrapper-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 9d897a8f8fe673852c549d72de10d1d2a411496dc13dfedfb5bacd44c9b2ab81

kernel-debug-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 556ceb6b0dc427d8d72ad37ef43f3fdd6bd8adbe70e0dd702e0461b7e1aed16b

kernel-debug-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: b2fd23025f8bea13c4c893b1a44390ad395e9c49f97315c445918cdc504450ee

kernel-debug-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: b2fd23025f8bea13c4c893b1a44390ad395e9c49f97315c445918cdc504450ee

kernel-debug-devel-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 32098651093c5637bc3d5674c402cc35e22c12a226ec6351fceb83b294eed71d

kernel-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 62b37401557fc9ca33cda2c4677a91cf3a3d11c83ee67662ce1cb21631499325

kernel-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 62b37401557fc9ca33cda2c4677a91cf3a3d11c83ee67662ce1cb21631499325

kernel-debuginfo-common-ppc64le-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 5957a8f51151ecbecbbb7d8fe53e8edcaa58a849917f6974c7bb1fa3b8bb0485

kernel-debuginfo-common-ppc64le-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 5957a8f51151ecbecbbb7d8fe53e8edcaa58a849917f6974c7bb1fa3b8bb0485

kernel-devel-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 03c112f7d5800b842f6e098ce85d9ed69920bd1d9d9dbd603bddc112f4522f81

kernel-doc-3.10.0-957.99.1.el7.noarch.rpm

SHA-256: 664944233e848ccb4129d771e9cd26986cd2d9cfe6ea9257b5972465ff477d09

kernel-headers-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: ad5c872b78ded821b8be59de5fe02fb336bee9529ca5a27343d60a0433745909

kernel-tools-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: e9df06f24c0c1daa89da55b32a8d692560fd37a805b3b496bf0ee566defc0b93

kernel-tools-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: ea7704e945f2b16ab4fde248964cfc5dacff4e67a78df34b92a8f84b5c266316

kernel-tools-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: ea7704e945f2b16ab4fde248964cfc5dacff4e67a78df34b92a8f84b5c266316

kernel-tools-libs-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 3adb77d6e73bb14170438e64bf13ae9bf1600f377236f7213c3150282c97626a

kernel-tools-libs-devel-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 2d9c5e354bc950a5f2ea4385cebd854367556f6c29d03a55980a4a9cacde9500

perf-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: c42b3ca5b4b8ba47972b63d18c21b10671f706d169ae5e1c778718e171b51d09

perf-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 3b4291ca48bce74af9636cc8d17f918ada461951168910f100a795a587a7feae

perf-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 3b4291ca48bce74af9636cc8d17f918ada461951168910f100a795a587a7feae

python-perf-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 4248adb189ede1d85dfb6cbae2a85922a10b7a9452f3d3d02973005ea49ac093

python-perf-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 5b0724db0fc6742088e97983e291f6a09244b357b5a7aa46edc9cf0776da22a6

python-perf-debuginfo-3.10.0-957.99.1.el7.ppc64le.rpm

SHA-256: 5b0724db0fc6742088e97983e291f6a09244b357b5a7aa46edc9cf0776da22a6

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.6

SRPM

kernel-3.10.0-957.99.1.el7.src.rpm

SHA-256: c6d071180c4b2cd43f5b4cc0d10dbc93d0f5987b8a6c03f4fa92f25100f531b0

x86_64

kernel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: e030e6ca1a33fb23bb569a83cd33edeaa6d8385e290c69e89272dcd656f6ad9a

kernel-abi-whitelists-3.10.0-957.99.1.el7.noarch.rpm

SHA-256: 72513cf79a43387d7037266208b0fca7519d6e08c89b7b2a179b6905eb75f1cf

kernel-debug-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 4ac364b31a0268a12a37cc40708b15f8c23d9dfbebaf4af75cb24edebc3296c9

kernel-debug-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 0a5a7a909cea917f0f7d6247f5abb832156e58ef6ab5f6d25d8db436c9ecd0c4

kernel-debug-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 0a5a7a909cea917f0f7d6247f5abb832156e58ef6ab5f6d25d8db436c9ecd0c4

kernel-debug-devel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 557a9b2c33a7bac91116f70c96d4f3a32b55d1be01e4687eb7ad2ab78ebccee8

kernel-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 6ef4ed63e05b4aec511c3461b61b6ab7e8b59daeeed0b9d2dfb02fa36172b54e

kernel-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 6ef4ed63e05b4aec511c3461b61b6ab7e8b59daeeed0b9d2dfb02fa36172b54e

kernel-debuginfo-common-x86_64-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 51d989a704b0d29642bda6113900c4777f1041751d7042c87a3b80c893565044

kernel-debuginfo-common-x86_64-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 51d989a704b0d29642bda6113900c4777f1041751d7042c87a3b80c893565044

kernel-devel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 4487cbf8b63afc6f25f80bd3a59b48843d77c0b00879bb6ad4eb15280ae7bbd1

kernel-doc-3.10.0-957.99.1.el7.noarch.rpm

SHA-256: 664944233e848ccb4129d771e9cd26986cd2d9cfe6ea9257b5972465ff477d09

kernel-headers-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: b17bd8840098ad3535fb33c0838b9dc43ae6939ef2b2c22617cc4fd1f47f5dce

kernel-tools-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 7c35bab6c3c708c1659968e2e1bf271afd6d03709352a24d25bd88d24160f857

kernel-tools-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 52f4d4853b8ea9a0854bb7fd41ecfcc6e8d6ede72d153c0fe00e47fd4a7554f9

kernel-tools-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 52f4d4853b8ea9a0854bb7fd41ecfcc6e8d6ede72d153c0fe00e47fd4a7554f9

kernel-tools-libs-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: c91b836e7e445a1e4f70185635a5aeca20697ef43b72b426d9863940a6c6320c

kernel-tools-libs-devel-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 12014d8a07045713dda23d0e31f757d2075cb7e7e6f5ee6cf64d8ae727860122

perf-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 764c6344d5c26a299cb33ac1c7d1da99088beafc3bff46130bc5b7a3c4c997fc

perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 3a6848a35712a60c821c097b92c22059f586dce93ec66f329d27ea8b29e3f7ce

perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 3a6848a35712a60c821c097b92c22059f586dce93ec66f329d27ea8b29e3f7ce

python-perf-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: fa1612b1d8f2fd1daa5bb84c7e9b0d33568f073cbcaf26eff09e0b5da1350028

python-perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 7e88a9cf4c5e909fa4608927f455a0a5fd16ad9dd7584603ebf2275929b2216c

python-perf-debuginfo-3.10.0-957.99.1.el7.x86_64.rpm

SHA-256: 7e88a9cf4c5e909fa4608927f455a0a5fd16ad9dd7584603ebf2275929b2216c

Related news

Red Hat Security Advisory 2023-4022-01

Red Hat Security Advisory 2023-4022-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include double free, privilege escalation, and use-after-free vulnerabilities.

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

RHSA-2022:7874: Red Hat Security Advisory: OpenShift Container Platform 4.8.53 bug fix and security update

Red Hat OpenShift Container Platform release 4.8.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go...

RHSA-2022:6882: Red Hat Security Advisory: Openshift Logging 5.3.13 security and bug fix release

An update is now available for OpenShift Logging 5.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32149: golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags

Red Hat Security Advisory 2022-7344-01

Red Hat Security Advisory 2022-7344-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7280-01

Red Hat Security Advisory 2022-7280-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2022:7313: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.2 security update and bug fixes

Red Hat Advanced Cluster Management for Kubernetes 2.6.2 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-25887: sanitize-html: insecure global regular expression replacement logic may lead to ReDoS * CVE-2022-25896: passport: incorrect ses...

RHSA-2022:7201: Red Hat Security Advisory: OpenShift Container Platform 4.11.12 security update

Red Hat OpenShift Container Platform release 4.11.12 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-26945: go-getter: command injection vulnerability * CVE-2022-30321: go-getter: unsafe download (issue 1 of 3) * CVE-2022-30322: go-getter: unsafe download (issue 2 of 3) * CVE-2022-30323: go-getter: unsafe download (issue 3 of 3)

RHSA-2022:7276: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.4.8 security fixes and container updates

Red Hat Advanced Cluster Management for Kubernetes 2.4.8 General Availability release images, which fix security issues. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2238: search-api: SQL injection leads to remote denial of service * CVE-2022-25858: terser: insecure use of regular expressions leads to ReDoS * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-35948: nodejs: undici vulnerable to CRLF via content headers * CVE-2022-35949: n...

Red Hat Security Advisory 2022-7173-01

Red Hat Security Advisory 2022-7173-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-7146-01

Red Hat Security Advisory 2022-7146-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2022:7137: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

Red Hat Security Advisory 2022-6991-01

Red Hat Security Advisory 2022-6991-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include information leakage, privilege escalation, and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-6978-01

Red Hat Security Advisory 2022-6978-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

RHSA-2022:6978: Red Hat Security Advisory: kpatch-patch security update

An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2588: kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation

Red Hat Security Advisory 2022-6875-01

Red Hat Security Advisory 2022-6875-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.

Red Hat Security Advisory 2022-6551-01

Red Hat Security Advisory 2022-6551-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, information leakage, privilege escalation, and use-after...

Ubuntu Security Notice USN-5582-1

Ubuntu Security Notice 5582-1 - Arthur Mongodin discovered that the netfilter subsystem in the Linux kernel did not properly perform data validation. A local attacker could use this to escalate privileges in certain situations. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5567-1

Ubuntu Security Notice 5567-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.

Ubuntu Security Notice USN-5562-1

Ubuntu Security Notice 5562-1 - Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the netfilter subsystem of the Linux kernel did not prevent one nft object from referencing an nft set in another nft table, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.