RedHat: RHSA-2022-1535:01 Important: kpatch-patch security update |...

What Are You Looking For?

Popular Tags

Contribute
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: kpatch-patch security update
Advisory ID:       RHSA-2022:1535-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:1535
Issue date:        2022-04-26
CVE Names:         CVE-2021-4028 CVE-2022-25636 
=====================================================================

1. Summary:

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS (v. 8) - ppc64le, x86_64

3. Description:

This is a kernel live patch module which is automatically loaded by the RPM
post-install script to modify the code of a running kernel.

Security Fix(es):

* kernel: use-after-free in RDMA listen() (CVE-2021-4028)

* kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 8):

Source:
kpatch-patch-4_18_0-348-1-4.el8.src.rpm
kpatch-patch-4_18_0-348_12_2-1-2.el8_5.src.rpm
kpatch-patch-4_18_0-348_20_1-1-1.el8_5.src.rpm
kpatch-patch-4_18_0-348_2_1-1-3.el8_5.src.rpm
kpatch-patch-4_18_0-348_7_1-1-3.el8_5.src.rpm

ppc64le:
kpatch-patch-4_18_0-348-1-4.el8.ppc64le.rpm
kpatch-patch-4_18_0-348-debuginfo-1-4.el8.ppc64le.rpm
kpatch-patch-4_18_0-348-debugsource-1-4.el8.ppc64le.rpm
kpatch-patch-4_18_0-348_12_2-1-2.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_12_2-debuginfo-1-2.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_12_2-debugsource-1-2.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_20_1-1-1.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_20_1-debuginfo-1-1.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_20_1-debugsource-1-1.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_2_1-1-3.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_2_1-debuginfo-1-3.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_2_1-debugsource-1-3.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_7_1-1-3.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_7_1-debuginfo-1-3.el8_5.ppc64le.rpm
kpatch-patch-4_18_0-348_7_1-debugsource-1-3.el8_5.ppc64le.rpm

x86_64:
kpatch-patch-4_18_0-348-1-4.el8.x86_64.rpm
kpatch-patch-4_18_0-348-debuginfo-1-4.el8.x86_64.rpm
kpatch-patch-4_18_0-348-debugsource-1-4.el8.x86_64.rpm
kpatch-patch-4_18_0-348_12_2-1-2.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_12_2-debuginfo-1-2.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_12_2-debugsource-1-2.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_20_1-1-1.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_20_1-debuginfo-1-1.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_20_1-debugsource-1-1.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_2_1-1-3.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_2_1-debuginfo-1-3.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_2_1-debugsource-1-3.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_7_1-1-3.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_7_1-debuginfo-1-3.el8_5.x86_64.rpm
kpatch-patch-4_18_0-348_7_1-debugsource-1-3.el8_5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-4028
https://access.redhat.com/security/cve/CVE-2022-25636
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYmhvrNzjgjWX9erEAQg99Q/+PplsIBYGZ56HwfZIJgNgv7p54uJiqXLS
DtJTKG9zXB7xVm5t9TWK3KqiTRcerDesfDSCyxH+hae5FeXqPGltwgTCiDnKXhBu
obpqDF4giUS32nQ5zKWFr+XsZVBn+GjIYbyZecP/H3Kvk0LbCv+ilA4Lm5Wq+eJi
u5yiRReaWvSZaApOkEm9ykOPqFtgVE8Q4HGPz9do9maeWMz4F0DjxYFOZQvR1dnK
I36cVqA6gUCke5H1D7iZBIRgAktDbAe2DCLe3T2bdzjuqgXxgEW+ma6Hp/cVqQSQ
/OkIWI6y5w5MMwZ7wBhqUduO1oPLVIPSrZzOr/0gK3fVU0iwPHlNCjhSqCg72+N+
5gJofIJIRMuQQwxj2+WFvInmu5ZJxuVBqkfB1j3oNRB7iaEII13Syee/c7kuJGgN
ESGODBO9kDey27eeAogCZD581dujXnUjyedtkbIQnhj/rP/m12CuV7RVZrbfv607
0Y+OBNds0VhrGsUtlI5PKA2DHsDR7T4EooLDtP3xoeeMtRL3aHVw86xN+59a0Bny
YP11wHyGLfCHVyUvkIqId2Z9ApPw5/RxBIC6SzEyXkpjNZSjL5t0dK3aTH1VS7lQ
wuxOdOPFHUzN1deO+ZhIWCir7XmnhHF9I+bc2xEt5no7xl7GootxHIoh9wZv8E14
UZrttEITEEY=
=XjdR
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2022-1535:01 Important: kpatch-patch security update

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8

Summary

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
* kernel: use-after-free in RDMA listen() (CVE-2021-4028)
* kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changesdescribed in this advisory, refer to:https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2021-4028 https://access.redhat.com/security/cve/CVE-2022-25636 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux BaseOS (v. 8):
Source: kpatch-patch-4_18_0-348-1-4.el8.src.rpm kpatch-patch-4_18_0-348_12_2-1-2.el8_5.src.rpm kpatch-patch-4_18_0-348_20_1-1-1.el8_5.src.rpm kpatch-patch-4_18_0-348_2_1-1-3.el8_5.src.rpm kpatch-patch-4_18_0-348_7_1-1-3.el8_5.src.rpm
ppc64le: kpatch-patch-4_18_0-348-1-4.el8.ppc64le.rpm kpatch-patch-4_18_0-348-debuginfo-1-4.el8.ppc64le.rpm kpatch-patch-4_18_0-348-debugsource-1-4.el8.ppc64le.rpm kpatch-patch-4_18_0-348_12_2-1-2.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_12_2-debuginfo-1-2.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_12_2-debugsource-1-2.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_20_1-1-1.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_20_1-debuginfo-1-1.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_20_1-debugsource-1-1.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_2_1-1-3.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_2_1-debuginfo-1-3.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_2_1-debugsource-1-3.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_7_1-1-3.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_7_1-debuginfo-1-3.el8_5.ppc64le.rpm kpatch-patch-4_18_0-348_7_1-debugsource-1-3.el8_5.ppc64le.rpm
x86_64: kpatch-patch-4_18_0-348-1-4.el8.x86_64.rpm kpatch-patch-4_18_0-348-debuginfo-1-4.el8.x86_64.rpm kpatch-patch-4_18_0-348-debugsource-1-4.el8.x86_64.rpm kpatch-patch-4_18_0-348_12_2-1-2.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_12_2-debuginfo-1-2.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_12_2-debugsource-1-2.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_20_1-1-1.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_20_1-debuginfo-1-1.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_20_1-debugsource-1-1.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_2_1-1-3.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_2_1-debuginfo-1-3.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_2_1-debugsource-1-3.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_7_1-1-3.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_7_1-debuginfo-1-3.el8_5.x86_64.rpm kpatch-patch-4_18_0-348_7_1-debugsource-1-3.el8_5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/


Severity
Advisory ID: RHSA-2022:1535-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:1535
Issued Date: : 2022-04-26
CVE Names: CVE-2021-4028 CVE-2022-25636

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Relevant Releases Architectures

Red Hat Enterprise Linux BaseOS (v. 8) - ppc64le, x86_64

Bugs Fixed

2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()

2056830 - CVE-2022-25636 kernel: heap out of bounds write in nf_dup_netdev.c

Related News

New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

It’s Not Just Windows that Gets Malware

Google Discloses CentOS Linux Kernel Vulnerabilities Following Failure to Issue Timely Fixes

Amazon Linux 2023, a Cloud-Optimized Linux Distro, Is Now Available

News

Advisories

HOWTOs

Features

Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories
Best Linux Backup Solutions to Prevent Data Loss in A Ransomware Attack

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy