Stay Vigilant with Timely Linux Security Advisories

security advisoryred hatsecurity fix

Red Hat Enterprise Linux: Important RHSA-2023-4698-01 Out-Of-Bounds Write

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2023:4698-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:4698 Issue date: 2023-08-22 CVE Names: CVE-2023-35788 ===================================================================== 1. Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 7.7 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server E4S (v. 7.7) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() 6. Package List: Red HatEnterprise Linux Server E4S (v. 7.7): Source: kpatch-patch-3_10_0-1062_71_1-1-3.el7.src.rpm kpatch-patch-3_10_0-1062_72_1-1-2.el7.src.rpm kpatch-patch-3_10_0-1062_76_1-1-1.el7.src.rpm ppc64le: kpatch-patch-3_10_0-1062_71_1-1-3.el7.ppc64le.rpm kpatch-patch-3_10_0-1062_71_1-debuginfo-1-3.el7.ppc64le.rpm kpatch-patch-3_10_0-1062_72_1-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1062_72_1-debuginfo-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1062_76_1-1-1.el7.ppc64le.rpm kpatch-patch-3_10_0-1062_76_1-debuginfo-1-1.el7.ppc64le.rpm x86_64: kpatch-patch-3_10_0-1062_71_1-1-3.el7.x86_64.rpm kpatch-patch-3_10_0-1062_71_1-debuginfo-1-3.el7.x86_64.rpm kpatch-patch-3_10_0-1062_72_1-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1062_72_1-debuginfo-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1062_76_1-1-1.el7.x86_64.rpm kpatch-patch-3_10_0-1062_76_1-debuginfo-1-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-35788 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIcBAEBCAAGBQJk5MPuAAoJENzjgjWX9erEdJcP/0fPZxQc82JROsbSp+T8cauP 14927/sHy9zak5TIGqVBMwXDj1QH732Y5EvAhSJhxQjoooRG9ukG4dix3vEvPccL EOWB13kKBmUh7+BCguxeeP7vEIL4gJ2LH5QzpiHGt+lodwZoF+V0MTU61A8u9pcq cb+Z1oRr8MK6/PCTYqjxGjM7qU8dcyY7fVinQ5YY1TxrbUvnVGaNSI7AOeZwu2jy CBFs6oCikm8RRhbXGL7nIEfUIM+2n7pxxCjqotzIc1zknDYl67QVko5VWfzsdTcF SaUbQovkSGtIa5sxwh2qCG/V8uBYj1cMRcjUmWQ72IJymkLWMgh3sXjPesktHQJj qC54f0tnSHB/Ws995smD1UdXLeBJ2ZwQIVCYR3ISMP0xc5b6oX7G3lJuMvLX67sa mr158DC7dEbzC4SHmSwpO97ISr7ZQqqMHJjrXDzaqiTYKwrrBrYjIO55G1OVQPM7 k82aW29ncj5qf0MIpmAO/kQVmzit/rRcNcGtDnUEsnpkTaPwcIK2o97L4Meidolx Eazn3lV8q0nDhq1ZYa6iTokMQlm8jt2UmcLdWypBfhPKc1IQal4acDR0A5l432TC FUVC8QVWWlwjGpvIh4A0n/fnQh0adBexwQS0sUFB7kNemFm6gfcOi5YWN9OWNnVm 9cOVgjRwe9TNjnTPohiK =qAjS -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Acquire knowledge regarding the significant kpatch-patch enhancement affecting Red Hat Linux, along with the accompanying security protocols implemented.. Red Hat Enterprise Linux, kpatch-patch update, kernel security, important advisory, security impacts. . Severity: Important. LinuxSecurity.com Team

Aug 22, 2023 •Important Red Hat

security advisoryprivilege escalationkernel patch

Red Hat Enterprise Linux 9.0 RHSA-2023-1984-01 Important Kpatch Escalation

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2023:1984-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1984 Issue date: 2023-04-25 CVE Names: CVE-2023-0386 ==================================================================== 1. Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v.9.0) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2159505 - CVE-2023-0386 kernel: FUSE filesystem low-privileged user privileges escalation 6. Package List: Red Hat Enterprise Linux BaseOS EUS(v.9.0): Source: kpatch-patch-5_14_0-70_30_1-1-5.el9_0.src.rpm kpatch-patch-5_14_0-70_36_1-1-4.el9_0.src.rpm kpatch-patch-5_14_0-70_43_1-1-3.el9_0.src.rpm kpatch-patch-5_14_0-70_49_1-1-2.el9_0.src.rpm kpatch-patch-5_14_0-70_50_2-1-1.el9_0.src.rpm ppc64le: kpatch-patch-5_14_0-70_30_1-1-5.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_30_1-debuginfo-1-5.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_30_1-debugsource-1-5.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_36_1-1-4.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_36_1-debuginfo-1-4.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_36_1-debugsource-1-4.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_43_1-1-3.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_43_1-debuginfo-1-3.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_43_1-debugsource-1-3.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_49_1-1-2.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_49_1-debuginfo-1-2.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_49_1-debugsource-1-2.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_50_2-1-1.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_50_2-debuginfo-1-1.el9_0.ppc64le.rpm kpatch-patch-5_14_0-70_50_2-debugsource-1-1.el9_0.ppc64le.rpm x86_64: kpatch-patch-5_14_0-70_30_1-1-5.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_30_1-debuginfo-1-5.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_30_1-debugsource-1-5.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_36_1-1-4.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_36_1-debuginfo-1-4.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_36_1-debugsource-1-4.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_43_1-1-3.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_43_1-debuginfo-1-3.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_43_1-debugsource-1-3.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_49_1-1-2.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_49_1-debuginfo-1-2.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_49_1-debugsource-1-2.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_50_2-1-1.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_50_2-debuginfo-1-1.el9_0.x86_64.rpm kpatch-patch-5_14_0-70_50_2-debugsource-1-1.el9_0.x86_64.rpm These packages are GPG signed by Red Hat for security. Our keyand details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-0386 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZEe/OdzjgjWX9erEAQgufQ//fDXSzoikL1jX2sZ9p8xKP9k1n7ddJZSa uBwl7BJcsmZ6UxukTFGpgsHxzlw0fpwVWU9WJxgDkKXQ2SaqaL9GNWh1VAIZj2BQ FGXi5FuBn3a0F8+vDzWApNlgnxhHspqHtT+duh2S5oPQ4OCF7ha2nzI34NCZDomx xXp9RTblxIDYGgLwrBmaHhgJb2gddHJwQymADE1yi/qEdV9PmhAlJd1PozGkgrQW WJU5wSP2Ppx6rCgkNSKdkG+DaCTqtK1HouBgsgAbvU0VqdFZSPjhb48sXZ7roe45 HesxY5ofH1ouKFwqWJPrkh0ra7nvSex1TWGXOjI+PMIoodDX5hb9Z7r1n7hz4/iI ZIIYF2W9Gg/6Et/lU8Oi5UqVw17287UbsfMWWpwVcm+mfQmhkU584us74o1VtQg6 gAcU0yJE1MWPZrisQs+vNu2XHqX4Mdl5QyGU+mH6MjIQF2VDIYwhkbVPoyWdDnPH fI5jBmcJcpeOB0svwett1Q3zv++LZaxkhJwqgDbPiRw2RxYsOkJf9BqK28Qz5RH0 hIz5/ayBz5xbAil7nivB4cSjhMilw+s17hwAMS7HtqEJQ4MUVYGbRJF+tEN5YP6h nldlLV/ehbFuGTn03ZCHSsg898GiX0DwqARhgKbGpNPvK+aYQ5Kw6q4Vzfh9dVYl qDiQifO1QgQ=3T1V -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A critical kpatch-patch security upgrade has been released for Red Hat Enterprise Linux 9.0 Extended Update Support.. Red Hat Enterprise Linux,kpatch-patch update,security advisory,Kernel security fix,privilege escalation. . Severity: Important. LinuxSecurity.com Team

Apr 25, 2023 •Important Red Hat

security advisorysecurity updateprivilege escalation

Red Hat Enterprise Linux 8 RHSA-2023:1659-01 Important Kpatch Update Alert

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2023:1659-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1659 Issue date: 2023-04-05 CVE Names: CVE-2022-4378 CVE-2023-0266 CVE-2023-0386 CVE-2023-1476 ==================================================================== 1. Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS (v. 8) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266) * kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386) * kpatch: mm/mremap.c: incomplete fix for CVE-2022-41222 (CVE-2023-1476) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on howto apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2152548 - CVE-2022-4378 kernel: stack overflow in do_proc_dointvec and proc_skip_spaces 2159505 - CVE-2023-0386 kernel: FUSE filesystem low-privileged user privileges escalation 2163379 - CVE-2023-0266 ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF 2176035 - CVE-2023-1476 kpatch: mm/mremap.c: incomplete fix for CVE-2022-41222 6. Package List: Red Hat Enterprise Linux BaseOS (v. 8): Source: kpatch-patch-4_18_0-425_10_1-1-4.el8_7.src.rpm kpatch-patch-4_18_0-425_13_1-1-2.el8_7.src.rpm kpatch-patch-4_18_0-425_3_1-1-6.el8.src.rpm ppc64le: kpatch-patch-4_18_0-425_10_1-1-4.el8_7.ppc64le.rpm kpatch-patch-4_18_0-425_10_1-debuginfo-1-4.el8_7.ppc64le.rpm kpatch-patch-4_18_0-425_10_1-debugsource-1-4.el8_7.ppc64le.rpm kpatch-patch-4_18_0-425_13_1-1-2.el8_7.ppc64le.rpm kpatch-patch-4_18_0-425_13_1-debuginfo-1-2.el8_7.ppc64le.rpm kpatch-patch-4_18_0-425_13_1-debugsource-1-2.el8_7.ppc64le.rpm kpatch-patch-4_18_0-425_3_1-1-6.el8.ppc64le.rpm kpatch-patch-4_18_0-425_3_1-debuginfo-1-6.el8.ppc64le.rpm kpatch-patch-4_18_0-425_3_1-debugsource-1-6.el8.ppc64le.rpm x86_64: kpatch-patch-4_18_0-425_10_1-1-4.el8_7.x86_64.rpm kpatch-patch-4_18_0-425_10_1-debuginfo-1-4.el8_7.x86_64.rpm kpatch-patch-4_18_0-425_10_1-debugsource-1-4.el8_7.x86_64.rpm kpatch-patch-4_18_0-425_13_1-1-2.el8_7.x86_64.rpm kpatch-patch-4_18_0-425_13_1-debuginfo-1-2.el8_7.x86_64.rpm kpatch-patch-4_18_0-425_13_1-debugsource-1-2.el8_7.x86_64.rpm kpatch-patch-4_18_0-425_3_1-1-6.el8.x86_64.rpm kpatch-patch-4_18_0-425_3_1-debuginfo-1-6.el8.x86_64.rpm kpatch-patch-4_18_0-425_3_1-debugsource-1-6.el8.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2022-4378 https://access.redhat.com/security/cve/CVE-2023-0266 https://access.redhat.com/security/cve/CVE-2023-0386 https://access.redhat.com/security/cve/CVE-2023-1476 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZC2Qe9zjgjWX9erEAQhVwA/9F+geRfR34ASgwJojn/TmhjS6mIrUdsy+ JSeDC5XeDhtilIACCC/GYS2NUApiQiIsQAQ3rlXc1CeAJVLaPoZPtIaDieg7uq9X LU9O0RVRUt7gJQAjtRY1zPqS6ZMkMcEnPqF2gMxnlyVaCFFvv81FkRICZsT4BjcK 5PlbFaUm2hroSR0L5bzQD0HvA6fKR0QkjFr+n5Uq4KLp+PB7cWhXatQYzhsswu7k ja7LZbiVeiCzgeWzXrWaDzTygLTRo2nFzeKuxwa6YfwGKaBrL8LN1HorqWr5XLCm 001eTo1tTQCUhT8G1Sbw+BNZN20o+XdC6naJahAeq76p3vXhHXjbKutPqUgRDpgZ KiMu4Wi+pBTolH/MDrRDIeUpqDL9QON9b2sd3M3ZjfQI2GU84CUJJj/Z7Bs9BQzz JAskb1stqTom5S5oYX24uL9mKP+2d4WMEaPM1LWzlewKpIBJXryWHryN/LJggxOo bN09uK27ll+mTiBL9N+Spk4FlB5ZOOx9s3kcYWqv38sqRLlNNM/UKouDoR0pQd81 IFKymxdIek5bM7qiySBQDpz4kOiw899KPxc+iC03FOqt8sYMHVz4O0jR97mn0DDO rxm6CwbM7/RpoqlNTprkufFsKR3sMZx5ryxIZBhwkejLi87wWkC0miqz8xeqUXkf CC9zM26e1Eg=qd3R -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . An essential security enhancement for kpatch-patch in Red Hat Enterprise Linux tackles significant weaknesses and provides resolutions.. Kpatch Patch Update, Red Hat Security Advisory, Kernel Security Patch. . Severity: Important. LinuxSecurity.com Team

Apr 05, 2023 •Important Red Hat

security advisorykernel patchred hat enterprise

RedHat: RHSA-2023-1104 Critical Kpatch Update Buffer Overflow Issue

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2023:1103-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1103 Issue date: 2023-03-07 CVE Names: CVE-2022-4378 ==================================================================== 1. Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS E4S (v. 8.2) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2152548 - CVE-2022-4378 kernel: stack overflow in do_proc_dointvec and proc_skip_spaces 6. Package List: Red Hat EnterpriseLinux BaseOS E4S (v. 8.2): Source: kpatch-patch-4_18_0-193_90_1-1-4.el8_2.src.rpm kpatch-patch-4_18_0-193_91_1-1-4.el8_2.src.rpm kpatch-patch-4_18_0-193_93_1-1-3.el8_2.src.rpm kpatch-patch-4_18_0-193_95_1-1-2.el8_2.src.rpm kpatch-patch-4_18_0-193_98_1-1-1.el8_2.src.rpm ppc64le: kpatch-patch-4_18_0-193_90_1-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_90_1-debuginfo-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_90_1-debugsource-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_91_1-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_91_1-debuginfo-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_91_1-debugsource-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_93_1-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_93_1-debuginfo-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_93_1-debugsource-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_95_1-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_95_1-debuginfo-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_95_1-debugsource-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_98_1-1-1.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_98_1-debuginfo-1-1.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_98_1-debugsource-1-1.el8_2.ppc64le.rpm x86_64: kpatch-patch-4_18_0-193_90_1-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_90_1-debuginfo-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_90_1-debugsource-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_91_1-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_91_1-debuginfo-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_91_1-debugsource-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_93_1-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_93_1-debuginfo-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_93_1-debugsource-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_95_1-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_95_1-debuginfo-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_95_1-debugsource-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_98_1-1-1.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_98_1-debuginfo-1-1.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_98_1-debugsource-1-1.el8_2.x86_64.rpm These packages areGPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-4378 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZAcuF9zjgjWX9erEAQiXgRAApccr26Oub6U9TlUdxdqDFprKVYzBfeDq G16IDPwGU+szcSUtV/+q1WS6Qg44/vLdhq8VDP960NZdxdADosvXUd9l0pDoi5Mz Smmntkjokf7SDtTVr0VEmGU1dxD4aWkyGmV6vYGjcYxx+/U4hFR7JLH6GRh203zV uY/fkJBeQjxHL+5xfeHxX4DIeO+kChSmbESl9D0I39zRt78yuZk9uuFS2jEaDvAK Qk9VgL8c2v/RjUZqgXU/Vf6KODryjk+SC1p7OOCt9vO6ytF2gr2C9F6VQlUt9xe2 GPds9nZh4qPaLbRIAj3k7uYpH8TIdbJ9KflCAj1SU+J1pYZKQGuGQCyUfJAXLMF3 MQzm9Gq9TWb4OcUV10pZRGcYKKP/hcqh2J4ssh8mOcMen9mNvi1pv8PrJJVkahCO 1pGRLKG88XMKECTSMyRtgjwnx0yYZyZN+JuMHjX74dmglIYgqp+HKh7u2iL0NYEX v6DwIrG/ealgpx4DNENQmfHsr+0z7O6TQWtPNiECfyORuJG/7g1MjCMB5o1RtAgj LcHL8/UbuWTifCk7rJ1Z1F2cJrpJ5fHKZ922U1JDbiPtK2mBw2I/RiVbYlMzPmPF itlD7NMz6jaVcDR1ogNPkQnJnI4JSwvPuT2HlWLyprKBEqk3Q/VwQKiwcTg6DArC Piyibz2Gyrw=tAzH -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Crucial kpatch-patch security fix released for Red Hat Enterprise Linux 8.2. Find out more and learn how to address the issue here.. kpatch-patch Security Update, Red Hat Advisory, Kernel Live Patch. . Severity: Critical. LinuxSecurity.com Team

Mar 07, 2023 •Critical Red Hat

security advisoryRed Hatkernel update

Red Hat 7: RHSA-2023-0404 Important: Kpatch-Patch Memory Issue

An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2023:0404-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:0404 Issue date: 2023-01-24 CVE Names: CVE-2022-2964 ==================================================================== 1. Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server (v. 7) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device. 6. Package List: Red HatEnterprise Linux Server (v. 7): Source: kpatch-patch-3_10_0-1160_71_1-1-2.el7.src.rpm kpatch-patch-3_10_0-1160_76_1-1-2.el7.src.rpm kpatch-patch-3_10_0-1160_80_1-1-1.el7.src.rpm kpatch-patch-3_10_0-1160_81_1-1-1.el7.src.rpm ppc64le: kpatch-patch-3_10_0-1160_71_1-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_71_1-debuginfo-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_76_1-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_76_1-debuginfo-1-2.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_80_1-1-1.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_80_1-debuginfo-1-1.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_81_1-1-1.el7.ppc64le.rpm kpatch-patch-3_10_0-1160_81_1-debuginfo-1-1.el7.ppc64le.rpm x86_64: kpatch-patch-3_10_0-1160_71_1-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_71_1-debuginfo-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_76_1-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_76_1-debuginfo-1-2.el7.x86_64.rpm kpatch-patch-3_10_0-1160_80_1-1-1.el7.x86_64.rpm kpatch-patch-3_10_0-1160_80_1-debuginfo-1-1.el7.x86_64.rpm kpatch-patch-3_10_0-1160_81_1-1-1.el7.x86_64.rpm kpatch-patch-3_10_0-1160_81_1-debuginfo-1-1.el7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-2964 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBY9AIo9zjgjWX9erEAQg/sQ//YHi+fwqLXoKOvTVAfd7N5/0XEVtFxRUB W+s4KYtcPVyGw318Xd1Il0y/kb/Qsw06/UMPHapOBSopzdihPaySsyjYIiJu0fPX 3zUAOfDOmqTehDlVPzC+AhHXN7bsHeX4fg9KeF0MugRbuDHMFRslBIh5jaHaD4Fu GeA/sXPxZ+xzuzh7ALiaIxAUHOzk6CLNI3TcCUoMipZt6P25zMPkOCzK3UlFNSWp 5BAir7uZUUxYRdaVzIdx6UtWcp2iKLWQbBvpB9keQ+9Fl/o/juLfaOmH28gB/A9+ WFjgjleWUeJYbZQYfzbdJy1+SCWhnmc6gFaUW55ZVMTyQwZq7UzgJVzH3d2J+mjN IHTBRyokMdibLX7cL529AH3Ecvk7eY19bEa7wMjSoQ9l+NZ/1/buFtadtjSBNTZ/ kcVMx/HVT5FXim7iID7XxojBA07vErnh/pPyvlJe7uzyv7NYLKzVs2i84leBVzTs 28jrICvk97QZ3obdScHOxDpGQXPxvltl9qFH78QarBfYhRH9sQXqSVjzr8+NpmoY cK1L3iUp8cEnRr2ZDQfJlNGTl+By2bOFNpgNZioLglQGc2kYzo6S/3NtW7gRi5F1 AS4w94ueRf7NQDM9puQS42P4Vhn99rvjoTOExOHDGQ67BY8HDqivbFBx1sRPk58j z0X7ROA+ECQ=WEyv -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . A significant enhancement for kpatch-patch is released for Red Hat Enterprise Linux 7 to resolve memory integrity concerns.. Red Hat Enterprise Linux,kpatch,kernel update,patch management. . Severity: Important. LinuxSecurity.com Team

Jan 24, 2023 •Important Red Hat

security advisoryupdatered hat

RedHat 8.1 RHSA-2022:5648-01 Important Kpatch-Patch Privilege Escalation

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2022:5648-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5648 Issue date: 2022-07-19 CVE Names: CVE-2022-32250 ==================================================================== 1. Summary: An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS E4S (v. 8.1) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2092427 - CVE-2022-32250 kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation toroot 6. Package List: Red Hat Enterprise Linux BaseOS E4S (v.8.1): Source: kpatch-patch-4_18_0-147_51_2-1-8.el8_1.src.rpm kpatch-patch-4_18_0-147_52_1-1-7.el8_1.src.rpm kpatch-patch-4_18_0-147_54_2-1-6.el8_1.src.rpm kpatch-patch-4_18_0-147_56_1-1-6.el8_1.src.rpm kpatch-patch-4_18_0-147_58_1-1-4.el8_1.src.rpm kpatch-patch-4_18_0-147_59_1-1-4.el8_1.src.rpm kpatch-patch-4_18_0-147_64_1-1-3.el8_1.src.rpm kpatch-patch-4_18_0-147_65_1-1-2.el8_1.src.rpm kpatch-patch-4_18_0-147_67_1-1-1.el8_1.src.rpm ppc64le: kpatch-patch-4_18_0-147_51_2-1-8.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_2-debuginfo-1-8.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_2-debugsource-1-8.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_52_1-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_52_1-debuginfo-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_52_1-debugsource-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_54_2-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_54_2-debuginfo-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_54_2-debugsource-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_56_1-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_56_1-debuginfo-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_56_1-debugsource-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_58_1-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_58_1-debuginfo-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_58_1-debugsource-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_59_1-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_59_1-debuginfo-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_59_1-debugsource-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_64_1-1-3.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_64_1-debuginfo-1-3.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_64_1-debugsource-1-3.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_65_1-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_65_1-debuginfo-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_65_1-debugsource-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_67_1-1-1.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_67_1-debuginfo-1-1.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_67_1-debugsource-1-1.el8_1.ppc64le.rpm x86_64: kpatch-patch-4_18_0-147_51_2-1-8.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_2-debuginfo-1-8.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_2-debugsource-1-8.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_52_1-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_52_1-debuginfo-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_52_1-debugsource-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_54_2-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_54_2-debuginfo-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_54_2-debugsource-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_56_1-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_56_1-debuginfo-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_56_1-debugsource-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_58_1-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_58_1-debuginfo-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_58_1-debugsource-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_59_1-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_59_1-debuginfo-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_59_1-debugsource-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_64_1-1-3.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_64_1-debuginfo-1-3.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_64_1-debugsource-1-3.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_65_1-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_65_1-debuginfo-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_65_1-debugsource-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_67_1-1-1.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_67_1-debuginfo-1-1.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_67_1-debugsource-1-1.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-32250 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYuFkLdzjgjWX9erEAQi2lxAAp8rFanny9rlDfIESccYQcKpHswGt9a8d lVNg4Prkmdno67T56I9AHgBLbTyPEsnONP82+dEEulhHHmtJi2ZxpHKZUJ7Swmz4 7M5NJQcxorZUpjY+t2mr+H7wemfjMYkjeH9cn3Efk2lmSoKmzmgcqr5Ys4MfyPhS ljb1JPq4LSmCdpPgdo2Oo2s2VifmrURu6178bYPPCWj1vZLkQ7qKvxEuquW4M3YL 555lTj0brKXEKWTpVubPFr9pEeACyJRcuPk1sXtnpi1xMXQHBmMw8azN0fybBRHN qODA74TvQp7AA9fPYl62TlOdDZLRMyzhXqFW3CKpVkviHtqIx6Ti0z3TAVOJIr+s 6QUCyKg1AQX0r4oGig+gkDjepw29hZuscsSQWYUfpjX4dDY/HNUwduvWOrHxD/n8 GRMMAXIKGrfBG5tkXbCkdJ0GMB4njdaFh1JNy+/eIhaFxddrG2X73WsVKb3iyCpj 73T4B+a/1dRXKjPPo5GKNv96ZqisLUbEXaiz1DRhV3RdlbiurCW/Hg3xd4oncPZb IaQVvElys+L44XeQ/gHkL0ea9R6hlnbi6nmSrzoWFgi2u96UXhEF0Ui3vWdHkT0j N4djUH74ZBmG/jxY4vjntwq7962Gq4+C+TyDq9jvxxScR7g2pmye1u6WjEb1LBxQ xhHyrr9zeCc=ltwt -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . An important kpatch-patch upgrade mitigates security vulnerabilities for users of Red Hat Enterprise Linux 8.1 regarding privilege escalation.. Red Hat Security,kpatch update,privilege escalation,Linux kernel patch,important security advisory. . Severity: Important. LinuxSecurity.com Team

Jul 27, 2022 •Important Red Hat

security advisorysecurity updatered hat

Red Hat 8.4: RHSA-2022:5641-01 Important: kpatch Escapes Privileges

An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2022:5641-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5641 Issue date: 2022-07-19 CVE Names: CVE-2022-32250 ==================================================================== 1. Summary: An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v.8.4) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2092427 - CVE-2022-32250 kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root 6. Package List: RedHat Enterprise Linux BaseOS EUS(v.8.4): Source: kpatch-patch-4_18_0-305_10_2-1-11.el8_4.src.rpm kpatch-patch-4_18_0-305_12_1-1-10.el8_4.src.rpm kpatch-patch-4_18_0-305_17_1-1-9.el8_4.src.rpm kpatch-patch-4_18_0-305_19_1-1-9.el8_4.src.rpm kpatch-patch-4_18_0-305_25_1-1-8.el8_4.src.rpm kpatch-patch-4_18_0-305_30_1-1-6.el8_4.src.rpm kpatch-patch-4_18_0-305_34_2-1-4.el8_4.src.rpm kpatch-patch-4_18_0-305_40_1-1-3.el8_4.src.rpm kpatch-patch-4_18_0-305_40_2-1-3.el8_4.src.rpm kpatch-patch-4_18_0-305_45_1-1-2.el8_4.src.rpm kpatch-patch-4_18_0-305_49_1-1-1.el8_4.src.rpm ppc64le: kpatch-patch-4_18_0-305_10_2-1-11.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_10_2-debuginfo-1-11.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_10_2-debugsource-1-11.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_12_1-1-10.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_12_1-debuginfo-1-10.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_12_1-debugsource-1-10.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_17_1-1-9.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_17_1-debuginfo-1-9.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_17_1-debugsource-1-9.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_19_1-1-9.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_19_1-debuginfo-1-9.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_19_1-debugsource-1-9.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_25_1-1-8.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_25_1-debuginfo-1-8.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_25_1-debugsource-1-8.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_30_1-1-6.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_30_1-debuginfo-1-6.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_30_1-debugsource-1-6.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_34_2-1-4.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_34_2-debuginfo-1-4.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_34_2-debugsource-1-4.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_40_1-1-3.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_40_1-debuginfo-1-3.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_40_1-debugsource-1-3.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_40_2-1-3.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_40_2-debuginfo-1-3.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_40_2-debugsource-1-3.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_45_1-1-2.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_45_1-debuginfo-1-2.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_45_1-debugsource-1-2.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_49_1-1-1.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_49_1-debuginfo-1-1.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_49_1-debugsource-1-1.el8_4.ppc64le.rpm x86_64: kpatch-patch-4_18_0-305_10_2-1-11.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_10_2-debuginfo-1-11.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_10_2-debugsource-1-11.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_12_1-1-10.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_12_1-debuginfo-1-10.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_12_1-debugsource-1-10.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_17_1-1-9.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_17_1-debuginfo-1-9.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_17_1-debugsource-1-9.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_19_1-1-9.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_19_1-debuginfo-1-9.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_19_1-debugsource-1-9.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_25_1-1-8.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_25_1-debuginfo-1-8.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_25_1-debugsource-1-8.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_30_1-1-6.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_30_1-debuginfo-1-6.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_30_1-debugsource-1-6.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_34_2-1-4.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_34_2-debuginfo-1-4.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_34_2-debugsource-1-4.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_40_1-1-3.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_40_1-debuginfo-1-3.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_40_1-debugsource-1-3.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_40_2-1-3.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_40_2-debuginfo-1-3.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_40_2-debugsource-1-3.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_45_1-1-2.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_45_1-debuginfo-1-2.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_45_1-debugsource-1-2.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_49_1-1-1.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_49_1-debuginfo-1-1.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_49_1-debugsource-1-1.el8_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-32250 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYuFj49zjgjWX9erEAQhzbg//YQVpllplt9m8RinEY3mL5oG1mDLt4rat rKLhkymEbHaox+OoT9KotX+Op7GK+xvlT8j8vFKaV/GNtxATJ2Y0zLEgSnMXGNIQ B0tDXn0QOkubEpsl1e02Zer0GSQVj3mCs4C3jm9itJkknq+bqVQpgKvkfPDM9l6R qTsCSIx1pSVwE97cMwXU0Lm6IrAZHu4zseR1mubomBMtqtuOK41sQJHed8QlkoiX ATSNO5C40IRJvQqnDJjE0LJ/3CehjyaMQJrwYiTsF48wrwUC400GDiMD0xnIjFnu 8pO6mvfc1omp4ITK8pfFTUI4EHWSRSSgwTz1J4CK+8XD3cDuv7psB2b27jx+61pM 9M+DjUTq7QGKj7IrBeo5pqtZCEDolz6SNC/hHxoV0s/szcfKf4MmrrTqKF/Cz0pG d6y83iW2olwmCsYqh1oIRcBBwVCwzzht5trpXRC3yag6B3/mIuJ0MHE26z3H+5GK BdLpwZkmBDPmsv7oc4Yl6PAwYLLXfa+qY1bnFEH1LCVXsS4cheDlEkahO5WSKdGp aruGRWwa/TvAlcfvMxh5Zw+kj2sZO+HZ5OhigHTUGMhWb6mhthd5PHElh4daaofa jwMOtjsoTRSb0dNjDCHypeIqqHOBTqX0qw+H+e6imRi9HT5xVDTXGq3mjD544bmt wF08BCh2kKE=IqpZ -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Crucial Red Hat security patch for kpatch-patch rectifies privilege escalation risks stemming from a use-after-free write vulnerability.. Red Hat Security Advisory,kpatch-patch Privilege Escalation,Kernel Patch Update. . Severity: Important. LinuxSecurity.com Team

Jul 27, 2022 •Important Red Hat

security advisorybuffer overflowprivilege escalation

Red Hat Enterprise Linux 8.2 RHSA-2022:5476-01 Important Kpatch Update

An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2022:5476-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:5476 Issue date: 2022-06-30 CVE Names: CVE-2022-1966 CVE-2022-27666 ==================================================================== 1. Summary: An update is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-1966) * kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2061633 - CVE-2022-27666 kernel: buffer overflow inIPsec ESP transformation code 2092427 - CVE-2022-1966 kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v.8.2): Source: kpatch-patch-4_18_0-193_60_2-1-7.el8_2.src.rpm kpatch-patch-4_18_0-193_64_1-1-6.el8_2.src.rpm kpatch-patch-4_18_0-193_65_2-1-5.el8_2.src.rpm kpatch-patch-4_18_0-193_68_1-1-5.el8_2.src.rpm kpatch-patch-4_18_0-193_70_1-1-4.el8_2.src.rpm kpatch-patch-4_18_0-193_71_1-1-4.el8_2.src.rpm kpatch-patch-4_18_0-193_75_1-1-3.el8_2.src.rpm kpatch-patch-4_18_0-193_79_1-1-2.el8_2.src.rpm kpatch-patch-4_18_0-193_80_1-1-1.el8_2.src.rpm kpatch-patch-4_18_0-193_81_1-1-1.el8_2.src.rpm ppc64le: kpatch-patch-4_18_0-193_60_2-1-7.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_60_2-debuginfo-1-7.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_60_2-debugsource-1-7.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_64_1-1-6.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_64_1-debuginfo-1-6.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_64_1-debugsource-1-6.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_65_2-1-5.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_65_2-debuginfo-1-5.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_65_2-debugsource-1-5.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_68_1-1-5.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_68_1-debuginfo-1-5.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_68_1-debugsource-1-5.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_70_1-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_70_1-debuginfo-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_70_1-debugsource-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_71_1-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_71_1-debuginfo-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_71_1-debugsource-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_75_1-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_75_1-debuginfo-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_75_1-debugsource-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_79_1-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_79_1-debuginfo-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_79_1-debugsource-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_80_1-1-1.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_80_1-debuginfo-1-1.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_80_1-debugsource-1-1.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_81_1-1-1.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_81_1-debuginfo-1-1.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_81_1-debugsource-1-1.el8_2.ppc64le.rpm x86_64: kpatch-patch-4_18_0-193_60_2-1-7.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_60_2-debuginfo-1-7.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_60_2-debugsource-1-7.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_64_1-1-6.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_64_1-debuginfo-1-6.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_64_1-debugsource-1-6.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_65_2-1-5.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_65_2-debuginfo-1-5.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_65_2-debugsource-1-5.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_68_1-1-5.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_68_1-debuginfo-1-5.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_68_1-debugsource-1-5.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_70_1-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_70_1-debuginfo-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_70_1-debugsource-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_71_1-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_71_1-debuginfo-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_71_1-debugsource-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_75_1-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_75_1-debuginfo-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_75_1-debugsource-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_79_1-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_79_1-debuginfo-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_79_1-debugsource-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_80_1-1-1.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_80_1-debuginfo-1-1.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_80_1-debugsource-1-1.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_81_1-1-1.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_81_1-debuginfo-1-1.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_81_1-debugsource-1-1.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-1966 https://access.redhat.com/security/cve/CVE-2022-27666 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYr6VudzjgjWX9erEAQgleQ//do3fDX6RmgU7qccs6u3sV4qZlUtrJe3q Km5tPK0NcI0itlk9iAjYh8nnDOf9GMxqa0Be1rXNskr4003ygQYliIBQmq3C9tpc Enp6ocqrMKYtlYMRyaXrGaz+0zFKpsrahW93qfY+2iP0PKMKvJC4r4+qU02SXCfH bUl3XyTAOO1qg5MqonGQ7T/ZdR4If7mESEPgDCx5ic9XvOc80zfJhfBX6smFC7xa XNrRkKVVJbToZ75mbCULWgWP3l3Mf/iElsk3fShuGwHiKi6vkyNX8zsjp02o6o3w qhHU4m8aonYrO+VKCpwnH/X2KkWVTYNSYelQBSoBCh3XOvpanNikw6EufZf3CycS 9pcbd0akw7a2riahrrpmCQ2adLNbv96K6Adc9cWlLd2/SMy37X7TspVXa8h+vuBz InzbIiOyCGEFXu05SwoSH5j9M9dSbcWPDXDURdpfxLAZOccblhI/t/QOeEdFVwVK u8fpVcsSkiWTV+xKOUOUGyZnKEHX0wJNoNoP1uiplcZQM/sOGLJ2blpSIkGHb4KS q+16A7wHGpveRIu5pmYMMlj2We4X01gn60NUzNugiqlBdhrllVRxZP7TwK1r+7Jj zeh5Hs4v1EabxE7VEXTMGlkps8BZFlOwa/G7ECsCc8fnAd9HavPHsT2jpHPbiCK8 b7ds3h84oX4=vnBR -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Ubuntu has released a key system update focused on addressing significant kernel vulnerabilities. Implement it now to safeguard your machines!. Red Hat Security, Kernel Patch, Enterprise Linux, Security Update, Privilege Escalation. . Severity: Important. LinuxSecurity.com Team

Jul 01, 2022 •Important Red Hat

Community Poll

More Polls

Stay Secure with the Latest Linux Advisories

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Red Hat Enterprise Linux: Important RHSA-2023-4698-01 Out-Of-Bounds Write

Red Hat Enterprise Linux 9.0 RHSA-2023-1984-01 Important Kpatch Escalation

Red Hat Enterprise Linux 8 RHSA-2023:1659-01 Important Kpatch Update Alert

RedHat: RHSA-2023-1104 Critical Kpatch Update Buffer Overflow Issue

Red Hat 7: RHSA-2023-0404 Important: Kpatch-Patch Memory Issue

RedHat 8.1 RHSA-2022:5648-01 Important Kpatch-Patch Privilege Escalation

Red Hat 8.4: RHSA-2022:5641-01 Important: kpatch Escapes Privileges

Red Hat Enterprise Linux 8.2 RHSA-2022:5476-01 Important Kpatch Update

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Refine advisories

severity

Topics

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!