Explore top 10 tips to secure your open-source projects now. Read More
×
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
The kernel-rt packages provide the Real Time Linux Kernel, which enables
fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
* use-after-free caused by l2cap_reassemble_sdu() in
net/bluetooth/l2cap_core.c (CVE-2022-3564)
* net/ulp: use-after-free in listening ULP sockets (CVE-2023-0461)
* hw: cpu: AMD CPUs may transiently execute beyond unconditional direct
branch (CVE-2021-26341)
* malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory
(CVE-2021-33655)
* when setting font with malicious data by ioctl PIO_FONT, kernel will
write memory out of bounds (CVE-2021-33656)
* possible race condition in drivers/tty/tty_buffers.c (CVE-2022-1462)
* use-after-free in ath9k_htc_probe_device() could cause an escalation of
privileges (CVE-2022-1679)
* KVM: NULL pointer dereference in kvm_mmu_invpcid_gva (CVE-2022-1789)
* KVM: nVMX: missing IBPB when exiting from nested guest can lead to
Spectre v2 attacks (CVE-2022-2196)
* netfilter: nf_conntrack_irc message handling issue (CVE-2022-2663)
* race condition in xfrm_probe_algs can lead to OOB read/write
(CVE-2022-3028)
* media: em28xx: initialize refcount before kref_get (CVE-2022-3239)
* race condition in hugetlb_no_page() in mm/hugetlb.c (CVE-2022-3522)
* memory leak in ipv6_renew_options() (CVE-2022-3524)
* data races around icsk->icsk_af_ops in do_ipv6_setsockopt (CVE-2022-3566)
* data races around sk->sk_prot (CVE-2022-3567)
* memory leak in l2cap_recv_acldata of the file net/bluetooth/l2cap_core.c
(CVE-2022-3619)
* denial of service in follow_page_pte in mm/gup.c due to poisoned pte
entry (CVE-2022-3623)
* use-after-free after failed devlink reload in devlink_param_get
(CVE-2022-3625)
* USB-accessible buffer overflow in brcmfmac (CVE-2022-3628)
* Double-free in split_2MB_gtt_entry when function
intel_gvt_dma_map_guest_page failed (CVE-2022-3707)
* l2tp: missing lock when clearing sk_user_data can lead to NULL pointer
dereference (CVE-2022-4129)
* igmp: use-after-free in ip_check_mc_rcu when opening and closing inet
sockets (CVE-2022-20141)
* Executable Space Protection Bypass (CVE-2022-25265)
* Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP
option (CVE-2022-30594)
* unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to
stale TLB entry (CVE-2022-39188)
* TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading
to guest malfunctioning (CVE-2022-39189)
* Report vmalloc UAF in dvb-core/dmxdev (CVE-2022-41218)
* u8 overflow problem in cfg80211_update_notlisted_nontrans()
(CVE-2022-41674)
* use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)
* use-after-free in bss_ref_get in net/wireless/scan.c (CVE-2022-42720)
* BSS list corruption in cfg80211_add_nontrans_list in net/wireless/scan.c
(CVE-2022-42721)
* Denial of service in beacon protection for P2P-device (CVE-2022-42722)
* memory corruption in usbmon driver (CVE-2022-43750)
* NULL pointer dereference in traffic control subsystem (CVE-2022-47929)
* NULL pointer dereference in rawv6_push_pending_frames (CVE-2023-0394)
* use-after-free caused by invalid pointer hostname in fs/cifs/connect.c
(CVE-2023-1195)
* Soft lockup occurred during __page_mapcount (CVE-2023-1582)
* slab-out-of-bounds read vulnerabilities in cbq_classify (CVE-2023-23454)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.8 Release Notes linked from the References section.
https://access.redhat.com/security/cve/CVE-2021-26341 https://access.redhat.com/security/cve/CVE-2021-33655 https://access.redhat.com/security/cve/CVE-2021-33656 https://access.redhat.com/security/cve/CVE-2022-1462 https://access.redhat.com/security/cve/CVE-2022-1679 https://access.redhat.com/security/cve/CVE-2022-1789 https://access.redhat.com/security/cve/CVE-2022-2196 https://access.redhat.com/security/cve/CVE-2022-2663 https://access.redhat.com/security/cve/CVE-2022-3028 https://access.redhat.com/security/cve/CVE-2022-3239 https://access.redhat.com/security/cve/CVE-2022-3522 https://access.redhat.com/security/cve/CVE-2022-3524 https://access.redhat.com/security/cve/CVE-2022-3564 https://access.redhat.com/security/cve/CVE-2022-3566 https://access.redhat.com/security/cve/CVE-2022-3567 https://access.redhat.com/security/cve/CVE-2022-3619 https://access.redhat.com/security/cve/CVE-2022-3623 https://access.redhat.com/security/cve/CVE-2022-3625 https://access.redhat.com/security/cve/CVE-2022-3628 https://access.redhat.com/security/cve/CVE-2022-3707 https://access.redhat.com/security/cve/CVE-2022-4129 https://access.redhat.com/security/cve/CVE-2022-20141 https://access.redhat.com/security/cve/CVE-2022-25265 https://access.redhat.com/security/cve/CVE-2022-30594 Read the Full Advisory
Red Hat Enterprise Linux NFV (v. 8):
Source:
kernel-rt-4.18.0-477.10.1.rt7.274.el8_8.src.rpm
x86_64:
kernel-rt-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debug-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debug-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debug-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debug-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debug-kvm-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debug-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debug-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debuginfo-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debuginfo-common-x86_64-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-devel-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-kvm-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-modules-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-modules-extra-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
Red Hat Enterprise Linux RT (v. 8):
Source:
kernel-rt-4.18.0-477.10.1.rt7.274.el8_8.src.rpm
x86_64:
kernel-rt-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-core-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
kernel-rt-debug-4.18.0-477.10.1.rt7.274.el8_8.x86_64.rpm
Read the Full Advisory
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.
Red Hat Enterprise Linux NFV (v. 8) - x86_64
Red Hat Enterprise Linux RT (v. 8) - x86_64
2055499 - CVE-2022-25265 kernel: Executable Space Protection Bypass
2061703 - CVE-2021-26341 hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch
2078466 - CVE-2022-1462 kernel: possible race condition in drivers/tty/tty_buffers.c
2084125 - CVE-2022-1679 kernel: use-after-free in ath9k_htc_probe_device() could cause an escalation of privileges
2085300 - CVE-2022-30594 kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option
2090723 - CVE-2022-1789 kernel: KVM: NULL pointer dereference in kvm_mmu_invpcid_gva
2108691 - CVE-2021-33655 kernel: malicious data for FBIOPUT_VSCREENINFO ioctl may cause OOB write memory
2108696 - CVE-2021-33656 kernel: when setting font with malicious data by ioctl PIO_FONT, kernel will write memory out of bounds
2114937 - CVE-2022-20141 kernel: igmp: use-after-free in ip_check_mc_rcu when opening and closing inet sockets
2122228 - CVE-2022-3028 kernel: race condition in xfrm_probe_algs can lead to OOB read/write
2122960 - CVE-2022-41218 kernel: Report vmalloc UAF in dvb-core/dmxdev
2123056 - CVE-2022-2663 kernel: netfilter: nf_conntrack_irc message handling issue
2124788 - CVE-2022-39189 kernel: TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED leading to guest malfunctioning
2127985 - CVE-2022-3239 kernel: media: em28xx: initialize refcount before kref_get
Get the latest Linux and open source security news straight to your inbox.