Stay Vigilant with Timely Linux Security Advisories

Loading...

security advisoryprivilege escalationkernel patch

Red Hat Enterprise Linux 8.4 RHSA-2022-6978-01 Critical Kpatch Update

An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2022:6978-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:6978 Issue date: 2022-10-18 CVE Names: CVE-2022-2588 ==================================================================== 1. Summary: An update is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v.8.4) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2114849 - CVE-2022-2588 kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation 6. Package List: Red Hat Enterprise LinuxBaseOS EUS (v.8.4): Source: kpatch-patch-4_18_0-305_25_1-1-9.el8_4.src.rpm kpatch-patch-4_18_0-305_45_1-1-3.el8_4.src.rpm kpatch-patch-4_18_0-305_49_1-1-2.el8_4.src.rpm kpatch-patch-4_18_0-305_57_1-1-1.el8_4.src.rpm kpatch-patch-4_18_0-305_62_1-1-1.el8_4.src.rpm ppc64le: kpatch-patch-4_18_0-305_25_1-1-9.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_25_1-debuginfo-1-9.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_25_1-debugsource-1-9.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_45_1-1-3.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_45_1-debuginfo-1-3.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_45_1-debugsource-1-3.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_49_1-1-2.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_49_1-debuginfo-1-2.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_49_1-debugsource-1-2.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_57_1-1-1.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_57_1-debuginfo-1-1.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_57_1-debugsource-1-1.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_62_1-1-1.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_62_1-debuginfo-1-1.el8_4.ppc64le.rpm kpatch-patch-4_18_0-305_62_1-debugsource-1-1.el8_4.ppc64le.rpm x86_64: kpatch-patch-4_18_0-305_25_1-1-9.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_25_1-debuginfo-1-9.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_25_1-debugsource-1-9.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_45_1-1-3.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_45_1-debuginfo-1-3.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_45_1-debugsource-1-3.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_49_1-1-2.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_49_1-debuginfo-1-2.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_49_1-debugsource-1-2.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_57_1-1-1.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_57_1-debuginfo-1-1.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_57_1-debugsource-1-1.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_62_1-1-1.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_62_1-debuginfo-1-1.el8_4.x86_64.rpm kpatch-patch-4_18_0-305_62_1-debugsource-1-1.el8_4.x86_64.rpm These packages are GPGsigned by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-2588 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY05qOtzjgjWX9erEAQhNmA/+NWu/Hqhma7h1tdkjrCBXh93JQ3MbHah9 2ufTZxnpxXk2i6gbmS4NdQXLznCOEJ5g/5Zv1dLp9loSnMX4PyCvxHVSQQVQXHT0 FwsElkxfdWKsgBfqb2EEycfdKFlbiRpXigT8PJzQUQmtKnwrp4A+Vwe202rpYntm JAEoPTUVwhilf7yPTgQm29fTtNLlxVNpBd2wjG05WyQ+xDwOQ585+K0aWoz9F7Kv vMvI5gFgujDLuq+ylxqQZNo+iKCu1cqryTB2kD7HVOILghvBqDF4VT4Wf8b7/tIy YS7jUWeLighS+NU1QvvgtnyK1p80ufV8nvAAHfajDFtR5HBUAkYF8+ZjVgziQimv HyZSnXddieSeRWAKmcQ82hhwBs85bcWnWG80wGM0XmQ8yHOQVqsF7h9r8h9n/eYj FrapxuVr40Q5iD/DVljPzK8fh0iLyRMgWrgXGsaWLlRvhfP5zmoxu2D/lik9DK7S w5fdQ85cxTxMN/ZoK8+osZDKB7P6to8vC9ePDIGFl3Wd8rVFTH95lxI91g/NaHZs mYMvtpgWGfomx8gHbmrVf0WDXiCdfTa8MNeaKIBc2XLpbKHyJEAvAXHjzhU3qpIg HJRm7GFFSxLpk2sqdpxahOalJ83LlJRxoLaIjcsV83cXxwd7cSlnD+ouMqISe8vs aUJMCGe8KcI=ZOUh -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. . Red Hat's recent kpatch update for RHEL addresses a critical privilege escalation vulnerability in the kernel, enhancing security and protecting sensitive data.. Red Hat Enterprise Linux,kpatch security update,privilege escalation. . Severity: Important. LinuxSecurity.com Team

Oct 18, 2022 •Important Red Hat

security advisoryDoSRed Hat Enterprise Linux

Red Hat: RHSA-2022-1619-01 Important: kpatch DoS Threat

An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2022:1619-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:1619 Issue date: 2022-04-27 CVE Names: CVE-2022-0435 ==================================================================== 1. Summary: An update is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS E4S (v. 8.1) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS (CVE-2022-0435) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2048738 - CVE-2022-0435 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS 6. Package List: Red HatEnterprise Linux BaseOS E4S (v.8.1): Source: kpatch-patch-4_18_0-147_48_1-1-8.el8_1.src.rpm kpatch-patch-4_18_0-147_51_1-1-7.el8_1.src.rpm kpatch-patch-4_18_0-147_51_2-1-6.el8_1.src.rpm kpatch-patch-4_18_0-147_52_1-1-5.el8_1.src.rpm kpatch-patch-4_18_0-147_54_2-1-4.el8_1.src.rpm kpatch-patch-4_18_0-147_56_1-1-4.el8_1.src.rpm kpatch-patch-4_18_0-147_57_1-1-3.el8_1.src.rpm kpatch-patch-4_18_0-147_58_1-1-2.el8_1.src.rpm kpatch-patch-4_18_0-147_59_1-1-2.el8_1.src.rpm kpatch-patch-4_18_0-147_64_1-1-1.el8_1.src.rpm ppc64le: kpatch-patch-4_18_0-147_48_1-1-8.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_48_1-debuginfo-1-8.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_48_1-debugsource-1-8.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_1-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_1-debuginfo-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_1-debugsource-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_2-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_2-debuginfo-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_51_2-debugsource-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_52_1-1-5.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_52_1-debuginfo-1-5.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_52_1-debugsource-1-5.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_54_2-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_54_2-debuginfo-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_54_2-debugsource-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_56_1-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_56_1-debuginfo-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_56_1-debugsource-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_57_1-1-3.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_57_1-debuginfo-1-3.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_57_1-debugsource-1-3.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_58_1-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_58_1-debuginfo-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_58_1-debugsource-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_59_1-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_59_1-debuginfo-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_59_1-debugsource-1-2.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_64_1-1-1.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_64_1-debuginfo-1-1.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_64_1-debugsource-1-1.el8_1.ppc64le.rpm x86_64: kpatch-patch-4_18_0-147_48_1-1-8.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_48_1-debuginfo-1-8.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_48_1-debugsource-1-8.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_1-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_1-debuginfo-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_1-debugsource-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_2-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_2-debuginfo-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_51_2-debugsource-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_52_1-1-5.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_52_1-debuginfo-1-5.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_52_1-debugsource-1-5.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_54_2-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_54_2-debuginfo-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_54_2-debugsource-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_56_1-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_56_1-debuginfo-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_56_1-debugsource-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_57_1-1-3.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_57_1-debuginfo-1-3.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_57_1-debugsource-1-3.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_58_1-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_58_1-debuginfo-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_58_1-debugsource-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_59_1-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_59_1-debuginfo-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_59_1-debugsource-1-2.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_64_1-1-1.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_64_1-debuginfo-1-1.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_64_1-debugsource-1-1.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-0435 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYmkYk9zjgjWX9erEAQh2JQ//ddS2Jh1G65wT0sM/MGruwuxoX+acBUf8 1yfRzR5Aq/4TBdNYJJEucZj9+PTSnnBsitydkX+SYj1gZol+u86kUi+oYw6ZIEBR Q4x5OVmnlMrJI9wZclJxCkn8Yp4afIvzHpgGB4qJzvQo+5eu5s5iBECL3PDVa6o9 687LNSxK+VYZT/Zix2XxkjTsAZOuWYpHrSRCwu5VAjlqVG6iLAL3W14NYGiDYjF/ q9nXmppab9QNIwPGOc50OU00JF5N+1A9fI2k5agrbryzjPVZ9//cx/be8kfwNG9E 6HIcodRwY9d+p21i1yH04rE+H1BQt0gM5HXsANPxSiCmAmrwXQY4m8b9E1kk9a13 fdPhVd993mx8ZMeQlUDTaouvyL2jhddNAhSsM9wt9tmVbIsdyamlUakbyj9+wOzm TPzZzAdpu25rF74vNq2t5g9YQ7PagZKIr5mcs6aFY7t5tZ3vZWfQA2TysPlwqfwq CQVYItibuGg7HpD0HrTQ6MXFQgXzNkk0dYMps8gNVQU0eFx+BdaNqrk8bXKxFgaU cHb7kQ4/12GR/JreOlfGoHdxgj6UTO2/wRYYYG21qlhU2onfsAC30544UsrvTviY KNY1rrnhf/QIQ6iekayCvO9AT6GZP7ooB2ls0ary+iS5hYWded9Odpb5jKOzZp3Y 39rakA8yIL8=u8e5 -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://listman.redhat.com/mailman/listinfo/rhsa-announce . Critical kpatch security enhancement for Red Hat Enterprise Linux mitigates remote stack overflow vulnerabilities that could result in Denial of Service (DoS) incidents.. kpatch Security Update, Red Hat Enterprise Linux, Remote Stack Overflow, DoS Attack, Important Advisory. . Severity: Important. LinuxSecurity.com Team

Apr 27, 2022 •Important Red Hat

security advisoryRed Hatprivilege escalation

Red Hat 8.2: RHSA-2022-0925-01 Important Kpatch-Patch Fix

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2022:0925-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:0925 Issue date: 2022-03-15 CVE Names: CVE-2021-4083 CVE-2022-0330 CVE-2022-0492 CVE-2022-22942 ==================================================================== 1. Summary: An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v. 8.2) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083) * kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330) * kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492) * kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details onhow to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it 2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush 2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v.8.2): Source: kpatch-patch-4_18_0-193_47_1-1-10.el8_2.src.rpm kpatch-patch-4_18_0-193_51_1-1-7.el8_2.src.rpm kpatch-patch-4_18_0-193_56_1-1-6.el8_2.src.rpm kpatch-patch-4_18_0-193_60_2-1-5.el8_2.src.rpm kpatch-patch-4_18_0-193_64_1-1-4.el8_2.src.rpm kpatch-patch-4_18_0-193_65_2-1-3.el8_2.src.rpm kpatch-patch-4_18_0-193_68_1-1-3.el8_2.src.rpm kpatch-patch-4_18_0-193_70_1-1-2.el8_2.src.rpm kpatch-patch-4_18_0-193_71_1-1-2.el8_2.src.rpm kpatch-patch-4_18_0-193_75_1-1-1.el8_2.src.rpm ppc64le: kpatch-patch-4_18_0-193_47_1-1-10.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_47_1-debuginfo-1-10.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_47_1-debugsource-1-10.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_51_1-1-7.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_51_1-debuginfo-1-7.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_51_1-debugsource-1-7.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_56_1-1-6.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_56_1-debuginfo-1-6.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_56_1-debugsource-1-6.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_60_2-1-5.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_60_2-debuginfo-1-5.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_60_2-debugsource-1-5.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_64_1-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_64_1-debuginfo-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_64_1-debugsource-1-4.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_65_2-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_65_2-debuginfo-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_65_2-debugsource-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_68_1-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_68_1-debuginfo-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_68_1-debugsource-1-3.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_70_1-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_70_1-debuginfo-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_70_1-debugsource-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_71_1-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_71_1-debuginfo-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_71_1-debugsource-1-2.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_75_1-1-1.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_75_1-debuginfo-1-1.el8_2.ppc64le.rpm kpatch-patch-4_18_0-193_75_1-debugsource-1-1.el8_2.ppc64le.rpm x86_64: kpatch-patch-4_18_0-193_47_1-1-10.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_47_1-debuginfo-1-10.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_47_1-debugsource-1-10.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_51_1-1-7.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_51_1-debuginfo-1-7.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_51_1-debugsource-1-7.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_56_1-1-6.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_56_1-debuginfo-1-6.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_56_1-debugsource-1-6.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_60_2-1-5.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_60_2-debuginfo-1-5.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_60_2-debugsource-1-5.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_64_1-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_64_1-debuginfo-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_64_1-debugsource-1-4.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_65_2-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_65_2-debuginfo-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_65_2-debugsource-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_68_1-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_68_1-debuginfo-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_68_1-debugsource-1-3.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_70_1-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_70_1-debuginfo-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_70_1-debugsource-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_71_1-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_71_1-debuginfo-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_71_1-debugsource-1-2.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_75_1-1-1.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_75_1-debuginfo-1-1.el8_2.x86_64.rpm kpatch-patch-4_18_0-193_75_1-debugsource-1-1.el8_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature areavailable from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-4083 https://access.redhat.com/security/cve/CVE-2022-0330 https://access.redhat.com/security/cve/CVE-2022-0492 https://access.redhat.com/security/cve/CVE-2022-22942 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYjCsKNzjgjWX9erEAQg19xAAit8UBrzV+5lQ8dcFkzTgZwvbDRnt+x1K CtGEpFkqPsjloubHFckRaU7XS8/8IHFYZrSnuhSNeQ33QScGGSqVuxFrCbeLprOk 4i+wckgRdtI5dZO6UWNLv1cJnFopp57HuN+RX5vpfNontLIKMVfWhhnAWH08qRD8 QxiUVzH3qXuPCTv7cco12eGomOlkWYO8CPpJjvBaJ0mQ1rsStCgc5s5scIvSF3/x zj6QTZiidfYh37ofaP8IO3WE3l/mLDZBZdLy2WSnL7a597+F/79thc8LJRkgMwjs kT9mxqKclYRSZUWDFmKw3Tr5N7lcVKQEjVO4oy4Xe1+GRausg3L62wXWbntoAA3n lqO21/9jRxKaxx65e7VDNqWSNqKIAJrLzphCcBdOnrE3mPoNFLmRMsLhEXe4pgPR eLvlr5AUAOcAOhHUfHRT+kt+IdHb1mnJp9WRfCCG+GHl05swZds6MQsuKPrVvjKo MdFpZkJD9yVPe9hBJL/heJEgiA9YZk1c7V0aWoGO39Xm3i/GNCB1PLmH5txOZXmx Q/6XD342cBvX7ocD6HCC0da2Ui5S4iVprEX4RkLAV0NsfSZiECqdYFKHwnXcHJZW lElSjq6kuNRejqQi5NosaWXF+oSvKgInuIZYPh0xW/dMzDONlGaFkbMRqOdw+kS9 49+TjdVVwIU=/0ba -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://listman.redhat.com/mailman/listinfo/rhsa-announce . Critical kpatch-patch release for Red Hat featuring crucial updates that tackle privilege escalation issues and enhance security measures.. Security Advisory, Red Hat, Kernel Fixes, Privilege Escalation, Kpatch Update. . Severity: Important. LinuxSecurity.com Team

Mar 15, 2022 •Important Red Hat

security advisoryRed Hatcritical

Red Hat Enterprise Linux 8.1 RHSA-2021-2099 Critical Kpatch Update

An update is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: kpatch-patch security update Advisory ID: RHSA-2021:2099-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2099 Issue date: 2021-05-25 CVE Names: CVE-2020-0466 CVE-2020-28374 CVE-2021-3347 ==================================================================== 1. Summary: An update is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux BaseOS EUS (v. 8.1) - ppc64le, x86_64 3. Description: This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Security Fix(es): * kernel: use after free in eventpoll.c may lead to escalation of privilege (CVE-2020-0466) * kernel: SCSI target (LIO) write to any block on ILO backstore (CVE-2020-28374) * kernel: Use after free via PI futex state (CVE-2021-3347) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed(https://bugzilla.redhat.com/): 1899804 - CVE-2020-28374 kernel: SCSI target (LIO) write to any block on ILO backstore 1920480 - CVE-2020-0466 kernel: use after free in eventpoll.c may lead to escalation of privilege 1922249 - CVE-2021-3347 kernel: Use after free via PI futex state 6. Package List: Red Hat Enterprise Linux BaseOS EUS (v.8.1): Source: kpatch-patch-4_18_0-147_20_1-1-11.el8_1.src.rpm kpatch-patch-4_18_0-147_24_2-1-9.el8_1.src.rpm kpatch-patch-4_18_0-147_27_1-1-9.el8_1.src.rpm kpatch-patch-4_18_0-147_32_1-1-7.el8_1.src.rpm kpatch-patch-4_18_0-147_34_1-1-7.el8_1.src.rpm kpatch-patch-4_18_0-147_38_1-1-6.el8_1.src.rpm kpatch-patch-4_18_0-147_43_1-1-4.el8_1.src.rpm kpatch-patch-4_18_0-147_44_1-1-3.el8_1.src.rpm ppc64le: kpatch-patch-4_18_0-147_20_1-1-11.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_20_1-debuginfo-1-11.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_20_1-debugsource-1-11.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_24_2-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_24_2-debuginfo-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_24_2-debugsource-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_27_1-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_27_1-debuginfo-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_27_1-debugsource-1-9.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_32_1-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_32_1-debuginfo-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_32_1-debugsource-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_34_1-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_34_1-debuginfo-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_34_1-debugsource-1-7.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_38_1-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_38_1-debuginfo-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_38_1-debugsource-1-6.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_43_1-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_43_1-debuginfo-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_43_1-debugsource-1-4.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_44_1-1-3.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_44_1-debuginfo-1-3.el8_1.ppc64le.rpm kpatch-patch-4_18_0-147_44_1-debugsource-1-3.el8_1.ppc64le.rpm x86_64: kpatch-patch-4_18_0-147_20_1-1-11.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_20_1-debuginfo-1-11.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_20_1-debugsource-1-11.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_24_2-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_24_2-debuginfo-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_24_2-debugsource-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_27_1-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_27_1-debuginfo-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_27_1-debugsource-1-9.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_32_1-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_32_1-debuginfo-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_32_1-debugsource-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_34_1-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_34_1-debuginfo-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_34_1-debugsource-1-7.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_38_1-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_38_1-debuginfo-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_38_1-debugsource-1-6.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_43_1-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_43_1-debuginfo-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_43_1-debugsource-1-4.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_44_1-1-3.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_44_1-debuginfo-1-3.el8_1.x86_64.rpm kpatch-patch-4_18_0-147_44_1-debugsource-1-3.el8_1.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-0466 https://access.redhat.com/security/cve/CVE-2020-28374 https://access.redhat.com/security/cve/CVE-2021-3347 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYKyc/9zjgjWX9erEAQibHw//a3LpsAtFlmzIJRMRXtLCkLlEkhjObDhS iKHvwlKSXixuP5YMYAXL/O5odoiLeXx3dC2aWpTcUrQJefH9ayVCYkQfJKWuDVru nbyfdTiZqf0+6x7Y3/xKUQ+pvYmSlIkUKE1Shrvh1KX2XklD+HcFcQEvgaQjjS1b GFFWE2ZvqFShyonEPWtX5gqm933d9X0qPJxNMqmBXsGwIznhfG7+F+SF3LB6lkH9 kOfJHdBNtaKV5gAOWD0yCp9EdQ/KwGeYRAJM2kvDhBK3IX64Qhc/ZoTpdffBh1PR nYvhDnPOysLudwx/KVLBEWhDGUeBmDAi7Y2KEDq4Gw5aHprkgdfLxEo4ZCFbZJAI ubbDBqxilS32P/sCTtfKQd0MEMgj/i3AWpspPsmMwcG9CERAhkBbAB8ngHKT3NY7 Vm5fuFaCMjqaefzSBlwyPZ6EiHH8hDafvMEDP2vkw0qLgqs0wBU2VLOPQmh4/rHY TvLSl/g77YQZzCreVO7ZgDiKHAwniQ47uxprIaWXLUhj762b/bK1xdyXx7X8flFj /slsXJnoY9dwhPfduAApgkVXhwJkmxJtsraoDjGW1KYc/FXuc1NbCsNsPgbM4RHX 7o6O+waCB5CCoZJ4JDX1uyOEBSxVG9Y2JHXMe+hi2/Ker/ETC4d2fayatUJgp1TY qRoPU27/meE=IgCq -----END PGP SIGNATURE----- -- RHSA-announce mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://listman.redhat.com/mailman/listinfo/rhsa-announce . Explore the critical kpatch-patch update from Red Hat for Enterprise Linux 8.1, addressing major security vulnerabilities essential for system integrity and data safety. Red Hat Enterprise Linux,kpatch patch update,kernel security issues. . Severity: Important. LinuxSecurity.com Team

May 25, 2021 •Important Red Hat

Stay Secure with the Latest Linux Advisories

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

Red Hat Enterprise Linux 8.4 RHSA-2022-6978-01 Critical Kpatch Update

Red Hat: RHSA-2022-1619-01 Important: kpatch DoS Threat

Red Hat 8.2: RHSA-2022-0925-01 Important Kpatch-Patch Fix

Red Hat Enterprise Linux 8.1 RHSA-2021-2099 Critical Kpatch Update

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

openSUSE Chromedriver Moderate Security Issues Fixed 2026-10958-1

openSUSE Tumbleweed libmozjs Moderate Update CVE-2025-70103

openSUSE Tumbleweed Perl HTML Parser Moderate CVE-2026-8829 Advisory

openSUSE Tumbleweed kernel-devel Moderate Security Issue 2026-10954-1

openSUSE Tumbleweed Gleam Moderate Threat Fixed 2026-10953-1

Ubuntu 25.10 Systemd Critical Arbitrary Code Exec DNS Issues USN-8402-1

openSUSE Epiphany Important Password Handling Issue CVE-2023-26081

Ubuntu 26.04 LTS 8399-1 Pillow Denial of Service Risk CVE-2026-42308

Ubuntu 26.04 LTS Poppler Critical DoS Code Execution Vuln USN-8400-1

Refine advisories

severity

Topics

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!