RHSA-2022:5648: Red Hat Security Advisory: kpatch-patch security update
An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-32250: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
Issued:
2022-07-19
Updated:
2022-07-19
RHSA-2022:5648 - Security Advisory
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Fixes
- BZ - 2092427 - CVE-2022-32250 kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.