RHSA-2023:3517: Red Hat Security Advisory: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-42896: A use-after-free flaw was found in the Linux kernel’s implementation of the Logical Link Control and Adaptation Protocol (L2CAP), part of the Bluetooth stack, in the l2cap_connect and l2cap_le_connect_req functions. An attacker in physical proximity to the victim, within the range of standard Bluetooth transmission, could execute code leaking kernel memory via Bluetooth.
Red Hat Security Data

Issued:

2023-06-06

Updated:

2023-06-06

RHSA-2023:3517 - Security Advisory

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c (CVE-2022-42896)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Fixes

  • BZ - 2147364 - CVE-2022-42896 kernel: use-after-free in l2cap_connect and l2cap_le_connect_req in net/bluetooth/l2cap_core.c

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM

  • kpatch-patch-4_18_0-305_71_1-1-5.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_72_1-1-4.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_76_1-1-3.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_82_1-1-2.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_86_2-1-1.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_88_1-1-1.el8_4.src.rpm

ppc64le

  • kpatch-patch-4_18_0-305_71_1-1-5.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_71_1-debuginfo-1-5.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_71_1-debugsource-1-5.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_72_1-1-4.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_72_1-debuginfo-1-4.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_72_1-debugsource-1-4.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_76_1-1-3.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_76_1-debuginfo-1-3.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_76_1-debugsource-1-3.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_82_1-1-2.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_82_1-debuginfo-1-2.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_82_1-debugsource-1-2.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_86_2-1-1.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_86_2-debuginfo-1-1.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_86_2-debugsource-1-1.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_88_1-1-1.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_88_1-debuginfo-1-1.el8_4.ppc64le.rpm
  • kpatch-patch-4_18_0-305_88_1-debugsource-1-1.el8_4.ppc64le.rpm

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM

  • kpatch-patch-4_18_0-305_71_1-1-5.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_72_1-1-4.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_76_1-1-3.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_82_1-1-2.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_86_2-1-1.el8_4.src.rpm
  • kpatch-patch-4_18_0-305_88_1-1-1.el8_4.src.rpm

x86_64

  • kpatch-patch-4_18_0-305_71_1-1-5.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_71_1-debuginfo-1-5.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_71_1-debugsource-1-5.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_72_1-1-4.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_72_1-debuginfo-1-4.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_72_1-debugsource-1-4.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_76_1-1-3.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_76_1-debuginfo-1-3.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_76_1-debugsource-1-3.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_82_1-1-2.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_82_1-debuginfo-1-2.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_82_1-debugsource-1-2.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_86_2-1-1.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_86_2-debuginfo-1-1.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_86_2-debugsource-1-1.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_88_1-1-1.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_88_1-debuginfo-1-1.el8_4.x86_64.rpm
  • kpatch-patch-4_18_0-305_88_1-debugsource-1-1.el8_4.x86_64.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
