- Issued:
- 2022-01-19
- Updated:
- 2022-01-19
RHSA-2022:0176 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)
- kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernnel-rt-debug: do not call blocking ops when !TASK_RUNNING; state=1 set at [<0000000050e86018>] handle_userfault+0x530/0x1820 (BZ#2029422)
- kernel-rt: update RT source tree to the RHEL-8.5.z source tree (BZ#2032059)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.8 x86_64
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.6 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.6 x86_64
Fixes
- BZ - 2034813 - CVE-2021-4155 kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
- BZ - 2040358 - CVE-2022-0185 kernel: fs_context: heap overflow in legacy parameter handling
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.src.rpm | SHA-256: b836882321f8dd1eed7baec9efc6f593f24d204f52b5667a8baf3dd16afcb915 |
| x86_64 | |
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: d42a03c9b17fcbb7852c587dad9f50d0c1a486aead8131bcc77c632e9557fb4a |
| kernel-rt-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 4422ad40b05ecd975823fae5c5d3ab818a202cf940ad55d1160629ca8e278383 |
| kernel-rt-debug-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 55645e4ac741f4b67a13659d203bdb352ece5051ed39640333fda50341ca40d7 |
| kernel-rt-debug-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e2b20a1332280635a6a7bd91ee2e40838f8f9f7297e84e7d52fe57201c753e06 |
| kernel-rt-debug-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 8255b582fededcb9b6029a3421b48f11bcf64856f5f7d006f608305c6d334548 |
| kernel-rt-debug-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: aad4d8739f038e0db9701012f7b59495652f74ab14ac7fb332512eb71428f4cf |
| kernel-rt-debug-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e727db564604c0a890a3e26583016738c2d1faa391c305d0a4b37013035ec6c5 |
| kernel-rt-debug-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 27c56fef48aaa800a5027865f8d97344f0100775b51778b13d30182706eda346 |
| kernel-rt-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: cb28eaf7e8b2d437773d2096db8de521d37b961cfdd6c33f90f627a431652a8f |
| kernel-rt-debuginfo-common-x86_64-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 9469abee4b0fd7266daabd2c9fa37d777d70e8a640748cbdb5da6ff9c95146f8 |
| kernel-rt-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 6374de05510b45b2b9692eeeb50a4fbf8d70cacede5a54c69bf40dcc4dbc33be |
| kernel-rt-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 1b93915c679c077ea4669a7cf007787b3edc30c8ea64b558d346126befd0674b |
| kernel-rt-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 29f345c7574658f88032ae2525dad7d6f72f4c04d85d5158e5ceb73858713e88 |
Red Hat Enterprise Linux for Real Time for NFV 8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.src.rpm | SHA-256: b836882321f8dd1eed7baec9efc6f593f24d204f52b5667a8baf3dd16afcb915 |
| x86_64 | |
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: d42a03c9b17fcbb7852c587dad9f50d0c1a486aead8131bcc77c632e9557fb4a |
| kernel-rt-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 4422ad40b05ecd975823fae5c5d3ab818a202cf940ad55d1160629ca8e278383 |
| kernel-rt-debug-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 55645e4ac741f4b67a13659d203bdb352ece5051ed39640333fda50341ca40d7 |
| kernel-rt-debug-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e2b20a1332280635a6a7bd91ee2e40838f8f9f7297e84e7d52fe57201c753e06 |
| kernel-rt-debug-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 8255b582fededcb9b6029a3421b48f11bcf64856f5f7d006f608305c6d334548 |
| kernel-rt-debug-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: aad4d8739f038e0db9701012f7b59495652f74ab14ac7fb332512eb71428f4cf |
| kernel-rt-debug-kvm-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 5b8dd8d3a0097279f165a5f914217f800716661e8bd10a582a3010f4c918ba16 |
| kernel-rt-debug-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e727db564604c0a890a3e26583016738c2d1faa391c305d0a4b37013035ec6c5 |
| kernel-rt-debug-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 27c56fef48aaa800a5027865f8d97344f0100775b51778b13d30182706eda346 |
| kernel-rt-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: cb28eaf7e8b2d437773d2096db8de521d37b961cfdd6c33f90f627a431652a8f |
| kernel-rt-debuginfo-common-x86_64-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 9469abee4b0fd7266daabd2c9fa37d777d70e8a640748cbdb5da6ff9c95146f8 |
| kernel-rt-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 6374de05510b45b2b9692eeeb50a4fbf8d70cacede5a54c69bf40dcc4dbc33be |
| kernel-rt-kvm-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: bbf976079d3c37ec25d5e2b817d21fcf751ab3fab17c62048dc461cf589b2ade |
| kernel-rt-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 1b93915c679c077ea4669a7cf007787b3edc30c8ea64b558d346126befd0674b |
| kernel-rt-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 29f345c7574658f88032ae2525dad7d6f72f4c04d85d5158e5ceb73858713e88 |
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.src.rpm | SHA-256: b836882321f8dd1eed7baec9efc6f593f24d204f52b5667a8baf3dd16afcb915 |
| x86_64 | |
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: d42a03c9b17fcbb7852c587dad9f50d0c1a486aead8131bcc77c632e9557fb4a |
| kernel-rt-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 4422ad40b05ecd975823fae5c5d3ab818a202cf940ad55d1160629ca8e278383 |
| kernel-rt-debug-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 55645e4ac741f4b67a13659d203bdb352ece5051ed39640333fda50341ca40d7 |
| kernel-rt-debug-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e2b20a1332280635a6a7bd91ee2e40838f8f9f7297e84e7d52fe57201c753e06 |
| kernel-rt-debug-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 8255b582fededcb9b6029a3421b48f11bcf64856f5f7d006f608305c6d334548 |
| kernel-rt-debug-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: aad4d8739f038e0db9701012f7b59495652f74ab14ac7fb332512eb71428f4cf |
| kernel-rt-debug-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e727db564604c0a890a3e26583016738c2d1faa391c305d0a4b37013035ec6c5 |
| kernel-rt-debug-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 27c56fef48aaa800a5027865f8d97344f0100775b51778b13d30182706eda346 |
| kernel-rt-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: cb28eaf7e8b2d437773d2096db8de521d37b961cfdd6c33f90f627a431652a8f |
| kernel-rt-debuginfo-common-x86_64-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 9469abee4b0fd7266daabd2c9fa37d777d70e8a640748cbdb5da6ff9c95146f8 |
| kernel-rt-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 6374de05510b45b2b9692eeeb50a4fbf8d70cacede5a54c69bf40dcc4dbc33be |
| kernel-rt-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 1b93915c679c077ea4669a7cf007787b3edc30c8ea64b558d346126befd0674b |
| kernel-rt-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 29f345c7574658f88032ae2525dad7d6f72f4c04d85d5158e5ceb73858713e88 |
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.6
| SRPM | |
|---|---|
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.src.rpm | SHA-256: b836882321f8dd1eed7baec9efc6f593f24d204f52b5667a8baf3dd16afcb915 |
| x86_64 | |
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: d42a03c9b17fcbb7852c587dad9f50d0c1a486aead8131bcc77c632e9557fb4a |
| kernel-rt-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 4422ad40b05ecd975823fae5c5d3ab818a202cf940ad55d1160629ca8e278383 |
| kernel-rt-debug-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 55645e4ac741f4b67a13659d203bdb352ece5051ed39640333fda50341ca40d7 |
| kernel-rt-debug-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e2b20a1332280635a6a7bd91ee2e40838f8f9f7297e84e7d52fe57201c753e06 |
| kernel-rt-debug-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 8255b582fededcb9b6029a3421b48f11bcf64856f5f7d006f608305c6d334548 |
| kernel-rt-debug-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: aad4d8739f038e0db9701012f7b59495652f74ab14ac7fb332512eb71428f4cf |
| kernel-rt-debug-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e727db564604c0a890a3e26583016738c2d1faa391c305d0a4b37013035ec6c5 |
| kernel-rt-debug-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 27c56fef48aaa800a5027865f8d97344f0100775b51778b13d30182706eda346 |
| kernel-rt-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: cb28eaf7e8b2d437773d2096db8de521d37b961cfdd6c33f90f627a431652a8f |
| kernel-rt-debuginfo-common-x86_64-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 9469abee4b0fd7266daabd2c9fa37d777d70e8a640748cbdb5da6ff9c95146f8 |
| kernel-rt-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 6374de05510b45b2b9692eeeb50a4fbf8d70cacede5a54c69bf40dcc4dbc33be |
| kernel-rt-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 1b93915c679c077ea4669a7cf007787b3edc30c8ea64b558d346126befd0674b |
| kernel-rt-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 29f345c7574658f88032ae2525dad7d6f72f4c04d85d5158e5ceb73858713e88 |
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.src.rpm | SHA-256: b836882321f8dd1eed7baec9efc6f593f24d204f52b5667a8baf3dd16afcb915 |
| x86_64 | |
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: d42a03c9b17fcbb7852c587dad9f50d0c1a486aead8131bcc77c632e9557fb4a |
| kernel-rt-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 4422ad40b05ecd975823fae5c5d3ab818a202cf940ad55d1160629ca8e278383 |
| kernel-rt-debug-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 55645e4ac741f4b67a13659d203bdb352ece5051ed39640333fda50341ca40d7 |
| kernel-rt-debug-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e2b20a1332280635a6a7bd91ee2e40838f8f9f7297e84e7d52fe57201c753e06 |
| kernel-rt-debug-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 8255b582fededcb9b6029a3421b48f11bcf64856f5f7d006f608305c6d334548 |
| kernel-rt-debug-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: aad4d8739f038e0db9701012f7b59495652f74ab14ac7fb332512eb71428f4cf |
| kernel-rt-debug-kvm-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 5b8dd8d3a0097279f165a5f914217f800716661e8bd10a582a3010f4c918ba16 |
| kernel-rt-debug-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e727db564604c0a890a3e26583016738c2d1faa391c305d0a4b37013035ec6c5 |
| kernel-rt-debug-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 27c56fef48aaa800a5027865f8d97344f0100775b51778b13d30182706eda346 |
| kernel-rt-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: cb28eaf7e8b2d437773d2096db8de521d37b961cfdd6c33f90f627a431652a8f |
| kernel-rt-debuginfo-common-x86_64-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 9469abee4b0fd7266daabd2c9fa37d777d70e8a640748cbdb5da6ff9c95146f8 |
| kernel-rt-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 6374de05510b45b2b9692eeeb50a4fbf8d70cacede5a54c69bf40dcc4dbc33be |
| kernel-rt-kvm-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: bbf976079d3c37ec25d5e2b817d21fcf751ab3fab17c62048dc461cf589b2ade |
| kernel-rt-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 1b93915c679c077ea4669a7cf007787b3edc30c8ea64b558d346126befd0674b |
| kernel-rt-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 29f345c7574658f88032ae2525dad7d6f72f4c04d85d5158e5ceb73858713e88 |
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.6
| SRPM | |
|---|---|
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.src.rpm | SHA-256: b836882321f8dd1eed7baec9efc6f593f24d204f52b5667a8baf3dd16afcb915 |
| x86_64 | |
| kernel-rt-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: d42a03c9b17fcbb7852c587dad9f50d0c1a486aead8131bcc77c632e9557fb4a |
| kernel-rt-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 4422ad40b05ecd975823fae5c5d3ab818a202cf940ad55d1160629ca8e278383 |
| kernel-rt-debug-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 55645e4ac741f4b67a13659d203bdb352ece5051ed39640333fda50341ca40d7 |
| kernel-rt-debug-core-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e2b20a1332280635a6a7bd91ee2e40838f8f9f7297e84e7d52fe57201c753e06 |
| kernel-rt-debug-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 8255b582fededcb9b6029a3421b48f11bcf64856f5f7d006f608305c6d334548 |
| kernel-rt-debug-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: aad4d8739f038e0db9701012f7b59495652f74ab14ac7fb332512eb71428f4cf |
| kernel-rt-debug-kvm-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 5b8dd8d3a0097279f165a5f914217f800716661e8bd10a582a3010f4c918ba16 |
| kernel-rt-debug-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: e727db564604c0a890a3e26583016738c2d1faa391c305d0a4b37013035ec6c5 |
| kernel-rt-debug-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 27c56fef48aaa800a5027865f8d97344f0100775b51778b13d30182706eda346 |
| kernel-rt-debuginfo-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: cb28eaf7e8b2d437773d2096db8de521d37b961cfdd6c33f90f627a431652a8f |
| kernel-rt-debuginfo-common-x86_64-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 9469abee4b0fd7266daabd2c9fa37d777d70e8a640748cbdb5da6ff9c95146f8 |
| kernel-rt-devel-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 6374de05510b45b2b9692eeeb50a4fbf8d70cacede5a54c69bf40dcc4dbc33be |
| kernel-rt-kvm-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: bbf976079d3c37ec25d5e2b817d21fcf751ab3fab17c62048dc461cf589b2ade |
| kernel-rt-modules-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 1b93915c679c077ea4669a7cf007787b3edc30c8ea64b558d346126befd0674b |
| kernel-rt-modules-extra-4.18.0-348.12.2.rt7.143.el8_5.x86_64.rpm | SHA-256: 29f345c7574658f88032ae2525dad7d6f72f4c04d85d5158e5ceb73858713e88 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.