RHSA-2022:1535: Red Hat Security Advisory: kpatch-patch security update
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2021-4028: kernel: use-after-free in RDMA listen()
- CVE-2022-25636: kernel: heap out of bounds write in nf_dup_netdev.c
Issued: 2022-04-26
Updated: 2022-04-26
RHSA-2022:1535 - Security Advisory
Synopsis
Important: kpatch-patch security update
Type/Severity
Security Advisory: Important
Topic
An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: use-after-free in RDMA listen() (CVE-2021-4028)
- kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Fixes
- BZ - 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
- BZ - 2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c
Red Hat Enterprise Linux for x86_64 8
SRPM
kpatch-patch-4_18_0-348-1-4.el8.src.rpm
SHA-256: e9b465a5b5dae4a750fecc49eca1adbe97867857c1db552d7592a1b6a4ad037f
kpatch-patch-4_18_0-348_12_2-1-2.el8_5.src.rpm
SHA-256: 272627d1ee173812b27615d39605764c46fdc72e220f53eb786cab5d1269814b
kpatch-patch-4_18_0-348_20_1-1-1.el8_5.src.rpm
SHA-256: e6b7332191e1e8dd1f157bd3e18cc9f4f74879a6c3256119ef93d44ff47916c9
kpatch-patch-4_18_0-348_2_1-1-3.el8_5.src.rpm
SHA-256: c240be1765f2362b87528ea4d2cee0690a10344e9c83b0e2dcbc01ab057c94c5
kpatch-patch-4_18_0-348_7_1-1-3.el8_5.src.rpm
SHA-256: 05bb0a0e86b052761d57c1bed6ec7caab3e864900fa379294033ee9bfd892046
x86_64
kpatch-patch-4_18_0-348-1-4.el8.x86_64.rpm
SHA-256: 9564b6c7e88fc1bd405fa0db914b1da12ffdf697a92b0d7195919766f77ea1b0
kpatch-patch-4_18_0-348-debuginfo-1-4.el8.x86_64.rpm
SHA-256: 4ab92c1e6809e2f779552f564e97411d37768e94147cbea9985f8c2838e88752
kpatch-patch-4_18_0-348-debugsource-1-4.el8.x86_64.rpm
SHA-256: 4f869a9b1a0f3a28d11790b11be3d237024d6f04df0d6e9fc6eb5ff1de2e6934
kpatch-patch-4_18_0-348_12_2-1-2.el8_5.x86_64.rpm
SHA-256: 68d5f66d2fb59a998aa15cfc7bac44732c50fd4453fa4046e057eee67f0c662a
kpatch-patch-4_18_0-348_12_2-debuginfo-1-2.el8_5.x86_64.rpm
SHA-256: 8548c9271a321671f4a7762c0db52d6c7960b2017f41067346900a44090e0742
kpatch-patch-4_18_0-348_12_2-debugsource-1-2.el8_5.x86_64.rpm
SHA-256: a7ee140e96ecab8fe1b7b7dae78dad4d72eb00bea1c66a07925e953719f4311b
kpatch-patch-4_18_0-348_20_1-1-1.el8_5.x86_64.rpm
SHA-256: 355bf349ddc5d4187c5f794b077db74d638e27b6685ceb12e63cd634f6d9242b
kpatch-patch-4_18_0-348_20_1-debuginfo-1-1.el8_5.x86_64.rpm
SHA-256: 6da583bded69a380673ea28e0c2d8860bb4d818a9f9b162024a316a668f8fe56
kpatch-patch-4_18_0-348_20_1-debugsource-1-1.el8_5.x86_64.rpm
SHA-256: 79cd1e070c696ef479e874bc9c1bdea03776bf7d91e6c75468eea18890ca80d3
kpatch-patch-4_18_0-348_2_1-1-3.el8_5.x86_64.rpm
SHA-256: b252c4cdd2eb9b9b68c4520b022175d56f0e03c7fc81af10f7945d68e2c00d17
kpatch-patch-4_18_0-348_2_1-debuginfo-1-3.el8_5.x86_64.rpm
SHA-256: bc5bd549ee7503c76c8b69271cd4b777054555556bf16b162953c9fa06bdcebd
kpatch-patch-4_18_0-348_2_1-debugsource-1-3.el8_5.x86_64.rpm
SHA-256: 96421fbc29ad58c225df59eca3f04a1653158f7733fead01049f94f061e14825
kpatch-patch-4_18_0-348_7_1-1-3.el8_5.x86_64.rpm
SHA-256: e41982784fec569d957acb0ce0245b9c66da2339b9c7b34d8d2780c50e980972
kpatch-patch-4_18_0-348_7_1-debuginfo-1-3.el8_5.x86_64.rpm
SHA-256: 6a4ec58a6270550f681e2af05a05939be031809ed3762022baf6c2b280e0eda9
kpatch-patch-4_18_0-348_7_1-debugsource-1-3.el8_5.x86_64.rpm
SHA-256: a1ace6ac2661b7c35f937fccadc20a565ce53b014868d2231b85748844aaf2fa
Red Hat Enterprise Linux for Power, little endian 8
SRPM
kpatch-patch-4_18_0-348-1-4.el8.src.rpm
SHA-256: e9b465a5b5dae4a750fecc49eca1adbe97867857c1db552d7592a1b6a4ad037f
kpatch-patch-4_18_0-348_12_2-1-2.el8_5.src.rpm
SHA-256: 272627d1ee173812b27615d39605764c46fdc72e220f53eb786cab5d1269814b
kpatch-patch-4_18_0-348_20_1-1-1.el8_5.src.rpm
SHA-256: e6b7332191e1e8dd1f157bd3e18cc9f4f74879a6c3256119ef93d44ff47916c9
kpatch-patch-4_18_0-348_2_1-1-3.el8_5.src.rpm
SHA-256: c240be1765f2362b87528ea4d2cee0690a10344e9c83b0e2dcbc01ab057c94c5
kpatch-patch-4_18_0-348_7_1-1-3.el8_5.src.rpm
SHA-256: 05bb0a0e86b052761d57c1bed6ec7caab3e864900fa379294033ee9bfd892046
ppc64le
kpatch-patch-4_18_0-348-1-4.el8.ppc64le.rpm
SHA-256: 516f20d5c9316ad9d21670ec2a8873d90e41ae9fbe34af34d8136dfd19dbd4d5
kpatch-patch-4_18_0-348-debuginfo-1-4.el8.ppc64le.rpm
SHA-256: 73634e11e7831661205ca47ac3a0269900da371a70a8da143b783bfc57a2c8b8
kpatch-patch-4_18_0-348-debugsource-1-4.el8.ppc64le.rpm
SHA-256: abc32df23ccb4ad3f4df84d9b5f669862f8a25dbba08d2d5dc98cf4f11036717
kpatch-patch-4_18_0-348_12_2-1-2.el8_5.ppc64le.rpm
SHA-256: 6a23385cc493b11f9bae5af3c3b34535b8737294e1c4b25a207d3303881352e0
kpatch-patch-4_18_0-348_12_2-debuginfo-1-2.el8_5.ppc64le.rpm
SHA-256: d53524c592c7bbc9fccf0748663ca1b8e4043568f2b11bac4f814a4e922c23b4
kpatch-patch-4_18_0-348_12_2-debugsource-1-2.el8_5.ppc64le.rpm
SHA-256: d6e3ba9e96471a2dc37f806209c795e552d743f3cf3802ddde6ccbd46c5a89e9
kpatch-patch-4_18_0-348_20_1-1-1.el8_5.ppc64le.rpm
SHA-256: 6dd4063580f0dd6c4f527c4fd8aaa31d879c8f8d4fa3aa80de730cb6af32bd1b
kpatch-patch-4_18_0-348_20_1-debuginfo-1-1.el8_5.ppc64le.rpm
SHA-256: 1b3aa393a651c8b34d18a200c5553adffa0e5a76c2589dd3a9db5fda04e7edba
kpatch-patch-4_18_0-348_20_1-debugsource-1-1.el8_5.ppc64le.rpm
SHA-256: 5ff76df2fc64dd466f5e48e8d7a6604ca036ee1dd6830b0237169751525f8942
kpatch-patch-4_18_0-348_2_1-1-3.el8_5.ppc64le.rpm
SHA-256: d7c5673fb42525a5f8a12bd769f4f7a8995d795bd0a307ae6784fa298da68749
kpatch-patch-4_18_0-348_2_1-debuginfo-1-3.el8_5.ppc64le.rpm
SHA-256: 72bc074e9534ea2eb96470a1c1e1167270e7b428b402f29c66ce3df85c77365c
kpatch-patch-4_18_0-348_2_1-debugsource-1-3.el8_5.ppc64le.rpm
SHA-256: f6fcc2c6546d66573d2eb97050a4a3c21df6aee8aefa2c26562866d0dcd9c13c
kpatch-patch-4_18_0-348_7_1-1-3.el8_5.ppc64le.rpm
SHA-256: e8046bc7d101bd16008af0bd086d8e8ef26874a89f098a1db9cc822275e8d060
kpatch-patch-4_18_0-348_7_1-debuginfo-1-3.el8_5.ppc64le.rpm
SHA-256: 9605793ddf37409ebaf1cb32422d00b8c7582e6e976d735c3cc50bea1f41ee39
kpatch-patch-4_18_0-348_7_1-debugsource-1-3.el8_5.ppc64le.rpm
SHA-256: 9b8156551d4163591461b0eb5715ec6ae329b74d794a6840f0f841d0efce0a44
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.