- Issued:
- 2022-04-05
- Updated:
- 2022-04-05
RHSA-2022:1209 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS (CVE-2022-0435)
- kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c (CVE-2020-8647)
- kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c (CVE-2020-8649)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update RT source tree to the latest RHEL-8.2.z16 Batch (BZ#2066950)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2 x86_64
Fixes
- BZ - 1802555 - CVE-2020-8649 kernel: invalid read location in vgacon_invert_region function in drivers/video/console/vgacon.c
- BZ - 1802563 - CVE-2020-8647 kernel: out-of-bounds read in in vc_do_resize function in drivers/tty/vt/vt.c
- BZ - 2048738 - CVE-2022-0435 kernel: remote stack overflow via kernel panic on systems using TIPC may lead to DoS
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.2
| SRPM | |
|---|---|
| kernel-rt-4.18.0-193.80.1.rt13.130.el8_2.src.rpm | SHA-256: 841f4ff65d55dee9e0d159aa298edffc125bb13ad99b08950c213fb09507becc |
| x86_64 | |
| kernel-rt-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 442987feff4b7e6237ae8181bc4cd13ed19038b18801dea7409f40bec36efcbc |
| kernel-rt-core-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 5b0a26917c9d4553c50614a41174932a82cebd4a1f857cda99d32260f81183ba |
| kernel-rt-debug-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 41cc79b648e3feeaa8ad312004bc5a28ae623d1e6f4299ead2747b24dd0b6918 |
| kernel-rt-debug-core-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 59ec4230f22ab90d0eed8180e4bbc4d068f0ab0f3ffb32ac30f7af11795d61b6 |
| kernel-rt-debug-debuginfo-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: b016eafa2bf55ff848d4dbd7dd8ac1618366187f7ea790ad951f629a58580509 |
| kernel-rt-debug-devel-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: ddd203e21c7300feba22c2057faab62ac8a6e81a91bec1804bca7833a172c883 |
| kernel-rt-debug-modules-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 02900cdb3925fd5166f8a95b6a102ec6b47d41233667f5f855e5b3591c29ec25 |
| kernel-rt-debug-modules-extra-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: a990114633e5d5e9c73f12cd44cd436eb7e0ec4a1cea869386c0e1c46e41d3a1 |
| kernel-rt-debuginfo-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: e9d32497a78f6c24eb4677d421b1399e1e220c1c66165014bb928b17f6941080 |
| kernel-rt-debuginfo-common-x86_64-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 8276788bd6ed59f7375ca72d54946743575e48d9eb8249bf7a7385caaf20dbb8 |
| kernel-rt-devel-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 75892bec53949590d5242ba363b53074316969c0752ab7aa334c9a28d5a3e07f |
| kernel-rt-modules-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: b4fd16e0ad7ba56c530b2a34717526132643f4ec707e0f987a1118ecf1a67219 |
| kernel-rt-modules-extra-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 8cd54705b5424ffd9c7fe2eca88ce91f7bbbded04a54b61ba61c7f3252f2c378 |
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.2
| SRPM | |
|---|---|
| kernel-rt-4.18.0-193.80.1.rt13.130.el8_2.src.rpm | SHA-256: 841f4ff65d55dee9e0d159aa298edffc125bb13ad99b08950c213fb09507becc |
| x86_64 | |
| kernel-rt-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 442987feff4b7e6237ae8181bc4cd13ed19038b18801dea7409f40bec36efcbc |
| kernel-rt-core-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 5b0a26917c9d4553c50614a41174932a82cebd4a1f857cda99d32260f81183ba |
| kernel-rt-debug-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 41cc79b648e3feeaa8ad312004bc5a28ae623d1e6f4299ead2747b24dd0b6918 |
| kernel-rt-debug-core-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 59ec4230f22ab90d0eed8180e4bbc4d068f0ab0f3ffb32ac30f7af11795d61b6 |
| kernel-rt-debug-debuginfo-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: b016eafa2bf55ff848d4dbd7dd8ac1618366187f7ea790ad951f629a58580509 |
| kernel-rt-debug-devel-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: ddd203e21c7300feba22c2057faab62ac8a6e81a91bec1804bca7833a172c883 |
| kernel-rt-debug-kvm-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: e545e21dc18eec58ae396b6ac6181dc81e0266ef0ee6576fa646e7a8529946cd |
| kernel-rt-debug-modules-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 02900cdb3925fd5166f8a95b6a102ec6b47d41233667f5f855e5b3591c29ec25 |
| kernel-rt-debug-modules-extra-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: a990114633e5d5e9c73f12cd44cd436eb7e0ec4a1cea869386c0e1c46e41d3a1 |
| kernel-rt-debuginfo-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: e9d32497a78f6c24eb4677d421b1399e1e220c1c66165014bb928b17f6941080 |
| kernel-rt-debuginfo-common-x86_64-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 8276788bd6ed59f7375ca72d54946743575e48d9eb8249bf7a7385caaf20dbb8 |
| kernel-rt-devel-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 75892bec53949590d5242ba363b53074316969c0752ab7aa334c9a28d5a3e07f |
| kernel-rt-kvm-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: b9904ff9daf68ab41af805f75a6143371c13a582308cd03f14f9f6c684c2c6dc |
| kernel-rt-modules-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: b4fd16e0ad7ba56c530b2a34717526132643f4ec707e0f987a1118ecf1a67219 |
| kernel-rt-modules-extra-4.18.0-193.80.1.rt13.130.el8_2.x86_64.rpm | SHA-256: 8cd54705b5424ffd9c7fe2eca88ce91f7bbbded04a54b61ba61c7f3252f2c378 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
