Headline
RHSA-2022:6073: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-32250: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-08-16
Updated:
2022-08-16
RHSA-2022:6073 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: kernel security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for kernel is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support, Red Hat Enterprise Linux 7.7 Telco Extended Update Support, and Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
- kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux Server - TUS 7.7 x86_64
Fixes
- BZ - 2092427 - CVE-2022-32250 kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
Red Hat Enterprise Linux Server - TUS 7.7
SRPM
kernel-3.10.0-1062.68.1.el7.src.rpm
SHA-256: 2a97e2a93e8aafe900d8126b501b1e004ee5328a11fb82e104fd7eafdbdf20cc
x86_64
bpftool-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: bad7ccb4391ad269a8272cb43e1bdfbb15e6ad3b6fc052f6a65a6f97cb95f2a1
bpftool-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: d06cd336a3038035db18c99ef06b6f00d961c906a92131cb4a8a32a88cef2351
bpftool-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: d06cd336a3038035db18c99ef06b6f00d961c906a92131cb4a8a32a88cef2351
kernel-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: a43012d27ed67d4bc7e29aeedc684104e1b39fdd24b9706847716a14fe6e78b7
kernel-abi-whitelists-3.10.0-1062.68.1.el7.noarch.rpm
SHA-256: 2cd00dba1372b0ceb3d9b8a4dfd6a1ce41d744fc0f196126dc420953a6196dc8
kernel-debug-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 0be52c7f09ca3f0d601268186f7b0404cac771e645cf10cc00e818bf55d87567
kernel-debug-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 3e30b69e5574b0899497fd68d091b74e3059dbdb1efc618143838df30c0525af
kernel-debug-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 3e30b69e5574b0899497fd68d091b74e3059dbdb1efc618143838df30c0525af
kernel-debug-devel-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: def3da9e7e56a74455e099a0d702498fbaa1b623c6aecab5c880d47848071386
kernel-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 1f57ca2c2b8b50f506876843d76ab12c9d2b1279f7eb1c0f72062c46b7fee6fc
kernel-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 1f57ca2c2b8b50f506876843d76ab12c9d2b1279f7eb1c0f72062c46b7fee6fc
kernel-debuginfo-common-x86_64-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 26a398fe231aa7da760435c8a34dbf9423f3d14f8d03927fa112e21960fca6ad
kernel-debuginfo-common-x86_64-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 26a398fe231aa7da760435c8a34dbf9423f3d14f8d03927fa112e21960fca6ad
kernel-devel-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 38439f7e48f0b4bc7718bf1fef3aba0dca2d665c27a7d74b8f176a2b67b621a8
kernel-doc-3.10.0-1062.68.1.el7.noarch.rpm
SHA-256: 2291f8653a378af923cbd1d82435fe03acd29c78cb3726a2e1e1e16a9d2dcf00
kernel-headers-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 47161cbdd5fdd018c5c35556d4afabd8b62ed0d9ab3a875f2693bbabc10e9104
kernel-tools-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 1226682d17fae5a3744bcda041a020e21e59149312a677574c7537117ee033f0
kernel-tools-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 80d961bc095e02d165708f618b866894af921d7b11bd175fafc71c16cb309894
kernel-tools-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 80d961bc095e02d165708f618b866894af921d7b11bd175fafc71c16cb309894
kernel-tools-libs-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 60af2d51d17fbc2b4218b03e8a9cc26039c21e6483cfa5204df457a170ae6236
kernel-tools-libs-devel-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 25f9920bceccb549e83eb386c786e2e96d2a3dd0a80b5549b2509a4b3c3696f8
perf-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 62f7b213753550934ff64014c22d1955b257c15f748a86d8b89a090486e893cd
perf-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 258f664b1aab8501feddf9d2e8332d710cd84c117d3d9a7c81e44fdf34e2040c
perf-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 258f664b1aab8501feddf9d2e8332d710cd84c117d3d9a7c81e44fdf34e2040c
python-perf-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 7f9eb63d8e70f6498bb72892462f9a6d2244e4fe697037d358adcefc7f2d6a7c
python-perf-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 601617aef3af511c6d371951df12212ef66d87955536203c0cb7a5018880789e
python-perf-debuginfo-3.10.0-1062.68.1.el7.x86_64.rpm
SHA-256: 601617aef3af511c6d371951df12212ef66d87955536203c0cb7a5018880789e
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.7
SRPM
kernel-3.10.0-1062.68.1.el7.src.rpm
SHA-256: 2a97e2a93e8aafe900d8126b501b1e004ee5328a11fb82e104fd7eafdbdf20cc
x86_64
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2022-6696-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.6 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Critical. Issues addressed include crlf injection and denial of service vulnerabilities.
Red Hat Advanced Cluster Management for Kubernetes 2.5.2 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-31129: moment: inefficient parsing algorithm resulting in DoS * CVE-2022-36067: vm2: Sandbox Escape in vm2
OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information.
Red Hat Advanced Cluster Management for Kubernetes 2.6.0 General Availability release images, which fix security issues and bugs. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1705: golang: net/http: improper sanitization of Transfer-Encoding header * CVE-2022-1962: golang: go/parser: stack exhaustion in all Parse* functions * CVE-2022-28131: golang: encoding/xml: stack exhaustion in Decoder.Skip * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_a...
Red Hat Security Advisory 2022-6271-01 - This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include a denial of service vulnerability.
Red Hat OpenShift Container Platform release 4.11.1 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30629: golang: crypto/tls: session tickets lack random ticket_age_add * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read
Red Hat Security Advisory 2022-6051-01 - An update is now available for RHOL-5.5-RHEL-8. Issues addressed include denial of service, man-in-the-middle, and out of bounds read vulnerabilities.
Red Hat Security Advisory 2022-6075-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5806-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Red Hat Security Advisory 2022-5805-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32250: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
An update for kernel is now available for Red Hat Enterprise Linux 7.6 Advanced Update Support, Red Hat Enterprise Linux 7.6 Telco Extended Update Support, and Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32250: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
An update for kernel is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32250: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1729: kernel: race condition in perf_event_open leads to privilege escalation * CVE-2022-32250: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
Red Hat Security Advisory 2022-5641-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include privilege escalation and use-after-free vulnerabilities.
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-29368: kernel: the copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check * CVE-2021-4197: kernel: cgroup: Use open-time creds and namespace for migration perm checks * CVE-2021-4203: kernel: Race condition in races in sk_peer_pid and sk_peer_cred accesses * CVE-2022-1...
An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32250: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root
An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-32250: kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root