-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: kernel security, bug fix, and enhancement update
Advisory ID:       RHSA-2022:0777-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:0777
Issue date:        2022-03-08
CVE Names:         CVE-2021-0920 CVE-2021-4028 CVE-2022-0330 
                   CVE-2022-0435 CVE-2022-0516 CVE-2022-22942 
====================================================================
1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.4
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v. 8.4) - aarch64, ppc64le, x86_64
Red Hat Enterprise Linux BaseOS EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux
operating system.

Security Fix(es):

* kernel: Use After Free in unix_gc() which could result in a local
privilege escalation (CVE-2021-0920)

* kernel: use-after-free in RDMA listen() (CVE-2021-4028)

* kernel: possible privileges escalation due to missing TLB flush
(CVE-2022-0330)

* kernel: remote stack overflow via kernel panic on systems using TIPC may
lead to DoS (CVE-2022-0435)

* kernel: missing check in ioctl allows kernel memory read/write
(CVE-2022-0516)

* kernel: failing usercopy allows for use-after-free exploitation
(CVE-2022-22942)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Intel QAT Kernel power up fix (BZ#2016436)

* RHEL8: DFS provided SMB shares are not accessible following unprivileged
access (BZ#2017176)

* xfs: I_DONTCACHE flag is ignored [xfstests: xfs/177] (BZ#2028533)

* spec: Support separate tools build (BZ#2031052)

* block: update to upstream v5.14 (BZ#2034395)

* Double free of kmalloc-64  cache   struct ib_port->pkey_group from module
ib_core  . (BZ#2038723)

* RHEL8 - kvm: floating interrupts may get stuck (BZ#2040768)

* Data corruption on small files served by httpd, which is backed by
cifs-mount (BZ#2041528)

* Add a net/mlx5 patch for Hardware Offload Fix (BZ#2042662)

* DNS lookup failures when run two times in a row (BZ#2043547)

* net/sched: Fix ct zone matching for invalid conntrack state (BZ#2043549)

* Windows guest random Bsod when 'hv-tlbflush' enlightenment is enabled
(BZ#2048342)

* OCP node XFS metadata corruption after numerous reboots (BZ#2049291)

* ice: bug fix series for 8.6 (BZ#2051950)

* SNO 4.9: NO-CARRIER on pod interface using VF on intel E810-C NIC;
IAVF_ERR_ADMIN_QUEUE_ERROR (BZ#2052984)

* ceph omnibus backport for RHEL-8.6.0 (BZ#2053724)

* SCTP peel-off with SELinux and containers in OCP (BZ#2054111)

* Selinux  is not  allowing SCTP connection setup between inter pod
communication in enforcing mode (BZ#2054116)

Enhancement(s):

* [Mellanox 8.5 FEAT] mlx5: drivers update upto Linux v5.12 [8.4.0.z]
(BZ#2037730)

* [MCHP 8.5 FEAT] Update smartpqi driver to latest upstream [None8.4.0.z]
(BZ#2042498)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation
2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush
2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation
2048738 - CVE-2022-0435 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
2050237 - CVE-2022-0516 kernel: missing check in ioctl allows kernel memory read/write
2052984 - SNO 4.9: NO-CARRIER on pod interface using VF on intel E810-C NIC; IAVF_ERR_ADMIN_QUEUE_ERROR [rhel-8.4.0.z]

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.4):

Source:
kernel-4.18.0-305.40.1.el8_4.src.rpm

aarch64:
bpftool-4.18.0-305.40.1.el8_4.aarch64.rpm
bpftool-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-core-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-cross-headers-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debug-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debug-core-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debug-devel-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debug-modules-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debug-modules-extra-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-devel-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-headers-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-modules-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-modules-extra-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-tools-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-tools-libs-4.18.0-305.40.1.el8_4.aarch64.rpm
perf-4.18.0-305.40.1.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
python3-perf-4.18.0-305.40.1.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm

noarch:
kernel-abi-stablelists-4.18.0-305.40.1.el8_4.noarch.rpm
kernel-doc-4.18.0-305.40.1.el8_4.noarch.rpm

ppc64le:
bpftool-4.18.0-305.40.1.el8_4.ppc64le.rpm
bpftool-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-core-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-cross-headers-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debug-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debug-core-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debug-devel-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debug-modules-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-devel-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-headers-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-modules-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-modules-extra-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-tools-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-tools-libs-4.18.0-305.40.1.el8_4.ppc64le.rpm
perf-4.18.0-305.40.1.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
python3-perf-4.18.0-305.40.1.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm

s390x:
bpftool-4.18.0-305.40.1.el8_4.s390x.rpm
bpftool-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-core-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-cross-headers-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-debug-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-debug-core-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-debug-devel-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-debug-modules-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-debug-modules-extra-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-debuginfo-common-s390x-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-devel-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-headers-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-modules-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-modules-extra-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-tools-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-zfcpdump-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-zfcpdump-core-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-zfcpdump-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-zfcpdump-devel-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-4.18.0-305.40.1.el8_4.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-305.40.1.el8_4.s390x.rpm
perf-4.18.0-305.40.1.el8_4.s390x.rpm
perf-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm
python3-perf-4.18.0-305.40.1.el8_4.s390x.rpm
python3-perf-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm

x86_64:
bpftool-4.18.0-305.40.1.el8_4.x86_64.rpm
bpftool-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-core-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-cross-headers-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debug-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debug-core-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debug-devel-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debug-modules-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debug-modules-extra-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-devel-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-headers-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-modules-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-modules-extra-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-tools-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-tools-libs-4.18.0-305.40.1.el8_4.x86_64.rpm
perf-4.18.0-305.40.1.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
python3-perf-4.18.0-305.40.1.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v. 8.4):

aarch64:
bpftool-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-debuginfo-common-aarch64-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
kernel-tools-libs-devel-4.18.0-305.40.1.el8_4.aarch64.rpm
perf-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
python3-perf-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm

ppc64le:
bpftool-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-debuginfo-common-ppc64le-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-305.40.1.el8_4.ppc64le.rpm
perf-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
python3-perf-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm

x86_64:
bpftool-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-debuginfo-common-x86_64-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
kernel-tools-libs-devel-4.18.0-305.40.1.el8_4.x86_64.rpm
perf-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
python3-perf-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-0920
https://access.redhat.com/security/cve/CVE-2021-4028
https://access.redhat.com/security/cve/CVE-2022-0330
https://access.redhat.com/security/cve/CVE-2022-0435
https://access.redhat.com/security/cve/CVE-2022-0516
https://access.redhat.com/security/cve/CVE-2022-22942
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYifF6dzjgjWX9erEAQgMNA//VQ24yjSVdXwL99Lnx4YW6zljEgcof+5X
GCw4LgCQsMaAf5SM5Cn6Jc0lyrvGlUFgXXDmHQAy0SofRcXAzPjHDTBDl2C7kJuk
fiD1d5e7FIdOHkqhZuLjhvfXdQtJJXqxgkIw9ynKrmXqK0qWcH2i7zP7R9gVxJIA
UIhIF6LWJuma0dLpvR3H/ZalxETTed+WidyF2RUSODmtftbdkVwx4beuJ7BKpo0L
cWGeYDsumFv46CaOAcdQc0Z4h9S/fAPbgB7GHMxGCouxYs2SadO+tyD53cBFk+js
YFj7mC6OjxTRsSTs3dxfCt6tMJ4/yasFMTJc+8iy6n2GFygCtLV3PBxa63UJvPKx
Ek1SX/DH4W3pAVrBGib2eH/ts+hNAM+WEqzbTVdt9bfppsSWeU4Z9J93vy9baKPO
YszwtlkeV8Z8/+evOPg6dtr8ovlwvFLaUyepKv+2BRAbNWJkMhY+0+kCINZax5xd
VZYk8wEi32zbYTdHCpIZJYeMzG4ndHvsSx7RjAAqHjtvjovkyiGpsU6YTSAwBrp1
xrxU2gOyys1zIe7lOsA8pHG4tH7d4rrK8Fs7z6WZxZe+9WMaeBrN12FM6iarT/oP
P/TY0QAvpzpUuo6WkMF+zBFvgAEhnteGXZzaShmGY6HA64XNLgJMNmqgFnGHjwAP
puqwAJn/aPg=G48R
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2022-0777:01 Important: kernel security, bug fix,

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Extended Update Support

Summary

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
* kernel: use-after-free in RDMA listen() (CVE-2021-4028)
* kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)
* kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS (CVE-2022-0435)
* kernel: missing check in ioctl allows kernel memory read/write (CVE-2022-0516)
* kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Intel QAT Kernel power up fix (BZ#2016436)
* RHEL8: DFS provided SMB shares are not accessible following unprivileged access (BZ#2017176)
* xfs: I_DONTCACHE flag is ignored [xfstests: xfs/177] (BZ#2028533)
* spec: Support separate tools build (BZ#2031052)
* block: update to upstream v5.14 (BZ#2034395)
* Double free of kmalloc-64 cache struct ib_port->pkey_group from module ib_core . (BZ#2038723)
* RHEL8 - kvm: floating interrupts may get stuck (BZ#2040768)
* Data corruption on small files served by httpd, which is backed by cifs-mount (BZ#2041528)
* Add a net/mlx5 patch for Hardware Offload Fix (BZ#2042662)
* DNS lookup failures when run two times in a row (BZ#2043547)
* net/sched: Fix ct zone matching for invalid conntrack state (BZ#2043549)
* Windows guest random Bsod when 'hv-tlbflush' enlightenment is enabled (BZ#2048342)
* OCP node XFS metadata corruption after numerous reboots (BZ#2049291)
* ice: bug fix series for 8.6 (BZ#2051950)
* SNO 4.9: NO-CARRIER on pod interface using VF on intel E810-C NIC; IAVF_ERR_ADMIN_QUEUE_ERROR (BZ#2052984)
* ceph omnibus backport for RHEL-8.6.0 (BZ#2053724)
* SCTP peel-off with SELinux and containers in OCP (BZ#2054111)
* Selinux is not allowing SCTP connection setup between inter pod communication in enforcing mode (BZ#2054116)
Enhancement(s):
* [Mellanox 8.5 FEAT] mlx5: drivers update upto Linux v5.12 [8.4.0.z] (BZ#2037730)
* [MCHP 8.5 FEAT] Update smartpqi driver to latest upstream [None8.4.0.z] (BZ#2042498)

Summary

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.

References

https://access.redhat.com/security/cve/CVE-2021-0920 https://access.redhat.com/security/cve/CVE-2021-4028 https://access.redhat.com/security/cve/CVE-2022-0330 https://access.redhat.com/security/cve/CVE-2022-0435 https://access.redhat.com/security/cve/CVE-2022-0516 https://access.redhat.com/security/cve/CVE-2022-22942 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux BaseOS EUS (v.8.4):
Source: kernel-4.18.0-305.40.1.el8_4.src.rpm
aarch64: bpftool-4.18.0-305.40.1.el8_4.aarch64.rpm bpftool-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-core-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-cross-headers-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debug-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debug-core-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debug-devel-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debug-modules-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debug-modules-extra-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-devel-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-headers-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-modules-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-modules-extra-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-tools-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-tools-libs-4.18.0-305.40.1.el8_4.aarch64.rpm perf-4.18.0-305.40.1.el8_4.aarch64.rpm perf-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm python3-perf-4.18.0-305.40.1.el8_4.aarch64.rpm python3-perf-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
noarch: kernel-abi-stablelists-4.18.0-305.40.1.el8_4.noarch.rpm kernel-doc-4.18.0-305.40.1.el8_4.noarch.rpm
ppc64le: bpftool-4.18.0-305.40.1.el8_4.ppc64le.rpm bpftool-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-core-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-cross-headers-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debug-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debug-core-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debug-devel-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debug-modules-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debug-modules-extra-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-devel-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-headers-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-modules-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-modules-extra-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-tools-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-tools-libs-4.18.0-305.40.1.el8_4.ppc64le.rpm perf-4.18.0-305.40.1.el8_4.ppc64le.rpm perf-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm python3-perf-4.18.0-305.40.1.el8_4.ppc64le.rpm python3-perf-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
s390x: bpftool-4.18.0-305.40.1.el8_4.s390x.rpm bpftool-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm kernel-4.18.0-305.40.1.el8_4.s390x.rpm kernel-core-4.18.0-305.40.1.el8_4.s390x.rpm kernel-cross-headers-4.18.0-305.40.1.el8_4.s390x.rpm kernel-debug-4.18.0-305.40.1.el8_4.s390x.rpm kernel-debug-core-4.18.0-305.40.1.el8_4.s390x.rpm kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm kernel-debug-devel-4.18.0-305.40.1.el8_4.s390x.rpm kernel-debug-modules-4.18.0-305.40.1.el8_4.s390x.rpm kernel-debug-modules-extra-4.18.0-305.40.1.el8_4.s390x.rpm kernel-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm kernel-debuginfo-common-s390x-4.18.0-305.40.1.el8_4.s390x.rpm kernel-devel-4.18.0-305.40.1.el8_4.s390x.rpm kernel-headers-4.18.0-305.40.1.el8_4.s390x.rpm kernel-modules-4.18.0-305.40.1.el8_4.s390x.rpm kernel-modules-extra-4.18.0-305.40.1.el8_4.s390x.rpm kernel-tools-4.18.0-305.40.1.el8_4.s390x.rpm kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm kernel-zfcpdump-4.18.0-305.40.1.el8_4.s390x.rpm kernel-zfcpdump-core-4.18.0-305.40.1.el8_4.s390x.rpm kernel-zfcpdump-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm kernel-zfcpdump-devel-4.18.0-305.40.1.el8_4.s390x.rpm kernel-zfcpdump-modules-4.18.0-305.40.1.el8_4.s390x.rpm kernel-zfcpdump-modules-extra-4.18.0-305.40.1.el8_4.s390x.rpm perf-4.18.0-305.40.1.el8_4.s390x.rpm perf-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm python3-perf-4.18.0-305.40.1.el8_4.s390x.rpm python3-perf-debuginfo-4.18.0-305.40.1.el8_4.s390x.rpm
x86_64: bpftool-4.18.0-305.40.1.el8_4.x86_64.rpm bpftool-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-core-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-cross-headers-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debug-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debug-core-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debug-devel-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debug-modules-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debug-modules-extra-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-devel-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-headers-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-modules-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-modules-extra-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-tools-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-tools-libs-4.18.0-305.40.1.el8_4.x86_64.rpm perf-4.18.0-305.40.1.el8_4.x86_64.rpm perf-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm python3-perf-4.18.0-305.40.1.el8_4.x86_64.rpm python3-perf-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
Red Hat CodeReady Linux Builder EUS (v. 8.4):
aarch64: bpftool-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-debuginfo-common-aarch64-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm kernel-tools-libs-devel-4.18.0-305.40.1.el8_4.aarch64.rpm perf-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm python3-perf-debuginfo-4.18.0-305.40.1.el8_4.aarch64.rpm
ppc64le: bpftool-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-debuginfo-common-ppc64le-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm kernel-tools-libs-devel-4.18.0-305.40.1.el8_4.ppc64le.rpm perf-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm python3-perf-debuginfo-4.18.0-305.40.1.el8_4.ppc64le.rpm
x86_64: bpftool-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debug-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-debuginfo-common-x86_64-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-tools-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm kernel-tools-libs-devel-4.18.0-305.40.1.el8_4.x86_64.rpm perf-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm python3-perf-debuginfo-4.18.0-305.40.1.el8_4.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity

Advisory ID: RHSA-2022:0777-01

Product: Red Hat Enterprise Linux

Advisory URL: https://access.redhat.com/errata/RHSA-2022:0777

Issued Date: : 2022-03-08

CVE Names: CVE-2021-0920 CVE-2021-4028 CVE-2022-0330 CVE-2022-0435 CVE-2022-0516 CVE-2022-22942

Topic

An update for kernel is now available for Red Hat Enterprise Linux 8.4Extended Update Support.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topic

Relevant Releases Architectures

Red Hat CodeReady Linux Builder EUS (v. 8.4) - aarch64, ppc64le, x86_64

Red Hat Enterprise Linux BaseOS EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()

2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation

2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush

2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation

2048738 - CVE-2022-0435 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS

2050237 - CVE-2022-0516 kernel: missing check in ioctl allows kernel memory read/write

2052984 - SNO 4.9: NO-CARRIER on pod interface using VF on intel E810-C NIC; IAVF_ERR_ADMIN_QUEUE_ERROR [rhel-8.4.0.z]

RedHat: RHSA-2022-0777:01 Important: kernel security, bug fix,

Summary

Summary

Solution

References

Package List

Topic

Topic

Relevant Releases Architectures

Bugs Fixed

Related News

Get the Latest News & Insights

News

Advisories

HOWTOs

Features

About Us

Powered By