Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2022:0851 - Security Advisory
Issued:
2022-03-14
Updated:
2022-03-14

RHSA-2022:0851 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
  • kernel: use-after-free in RDMA listen() (CVE-2021-4028)
  • kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
  • kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)
  • kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)
  • kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
  • BZ - 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
  • BZ - 2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation
  • BZ - 2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush
  • BZ - 2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation
  • BZ - 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation

CVEs

  • CVE-2021-0920
  • CVE-2021-4028
  • CVE-2021-4083
  • CVE-2022-0330
  • CVE-2022-0492
  • CVE-2022-22942

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM
kpatch-patch-4_18_0-147_44_1-1-10.el8_1.src.rpm SHA-256: a43f9c06f4aa8a7e814b67484af2c757d2d2a1f2bb189b98d7489bcf078c08a9
kpatch-patch-4_18_0-147_48_1-1-7.el8_1.src.rpm SHA-256: 6b3cc9c1a74963b25ccc7576d3d53991357a7ef2ac85a3e0bef12fb2c1bb5655
kpatch-patch-4_18_0-147_51_1-1-6.el8_1.src.rpm SHA-256: b77e8351bfd5ca56d6506708628696b64d4d636c8a6a813299513fe6bd82b440
kpatch-patch-4_18_0-147_51_2-1-5.el8_1.src.rpm SHA-256: de34e8c5c697c47c6760a9feac9ba3ae4a6d6e94efee8cfc78b8f80de7554db0
kpatch-patch-4_18_0-147_52_1-1-4.el8_1.src.rpm SHA-256: c2db01b3c4ad7ec5e0f2be52fa2063591706a49a945cc146b564f2c30c460afc
kpatch-patch-4_18_0-147_54_2-1-3.el8_1.src.rpm SHA-256: 12534e0c794b46d7be1c68ca03189dc7d64572706bba7800291dc0a13321a3f1
kpatch-patch-4_18_0-147_56_1-1-3.el8_1.src.rpm SHA-256: 369218ec0bb8049d52cc8fc56e8249f40ef2fda625ebf040ba9d5a93ae9d6a6b
kpatch-patch-4_18_0-147_57_1-1-2.el8_1.src.rpm SHA-256: 0d1a1b3d1ff6b5f68f95c771b451b10747a7a2a0642efd89dbdec83e0140121b
kpatch-patch-4_18_0-147_59_1-1-1.el8_1.src.rpm SHA-256: a0bee3f81057f6ec12f42b918898ddbdaaacee87adfd4fa1de473c1cff606bca
ppc64le
kpatch-patch-4_18_0-147_44_1-1-10.el8_1.ppc64le.rpm SHA-256: 207c6b9b9ecdaee7aa60e004c0e38e1c924e56960231ae4d782a0e86c1c9581a
kpatch-patch-4_18_0-147_44_1-debuginfo-1-10.el8_1.ppc64le.rpm SHA-256: a20191579c572bda001676bd47fe9d29656ba89db708d5431d790c488e3da239
kpatch-patch-4_18_0-147_44_1-debugsource-1-10.el8_1.ppc64le.rpm SHA-256: e70cee3f69505f578c96fef3ad86fd33585c6ce0af3f00cb2c3b6b734faf9420
kpatch-patch-4_18_0-147_48_1-1-7.el8_1.ppc64le.rpm SHA-256: 04dec3d06f9a1d018af53ea78040eb755a79dc2b61a7795f7d7549529ffb4b13
kpatch-patch-4_18_0-147_48_1-debuginfo-1-7.el8_1.ppc64le.rpm SHA-256: 647917c84a0da13b5118aa8610989313f12cea5c1674a204501b0009bc130044
kpatch-patch-4_18_0-147_48_1-debugsource-1-7.el8_1.ppc64le.rpm SHA-256: 26ae905bc88ada92180bbc279653f829b351a09fb5b095e4aad6e1ad34a3f0c7
kpatch-patch-4_18_0-147_51_1-1-6.el8_1.ppc64le.rpm SHA-256: 4bb71b659701ea688a3062fdde8913659ac3fb18a44ae19dae1f7a0afec881dc
kpatch-patch-4_18_0-147_51_1-debuginfo-1-6.el8_1.ppc64le.rpm SHA-256: ff456f12689968cf619551501b8496f141c0ef9f20e3b3842b3620becefc5022
kpatch-patch-4_18_0-147_51_1-debugsource-1-6.el8_1.ppc64le.rpm SHA-256: 61ed2042bd2d38fd20652d8fbce7451a951eea98d93989a7b8af4c78d8559e1f
kpatch-patch-4_18_0-147_51_2-1-5.el8_1.ppc64le.rpm SHA-256: 2e149f5e9cb1f09e59a476c85b57ca6d30ea289c8bf44d3a3b74c702dca338da
kpatch-patch-4_18_0-147_51_2-debuginfo-1-5.el8_1.ppc64le.rpm SHA-256: 11451c029f4bbd4ffade3076c9293706843466eb6730aa2c4ded636feec3b8cc
kpatch-patch-4_18_0-147_51_2-debugsource-1-5.el8_1.ppc64le.rpm SHA-256: f4b7b7b6f31273a126445e80a957e9f40d1664685bda71652c431dc03ebbef12
kpatch-patch-4_18_0-147_52_1-1-4.el8_1.ppc64le.rpm SHA-256: f2ad17a1c83be2ff11beb9890d32ec0142de40fa3e55cfca73445c98d3206e12
kpatch-patch-4_18_0-147_52_1-debuginfo-1-4.el8_1.ppc64le.rpm SHA-256: b2c131a70da5fbd0b44acdacee65330505c2438e94b3f505f903f85cdee2add3
kpatch-patch-4_18_0-147_52_1-debugsource-1-4.el8_1.ppc64le.rpm SHA-256: d9415c0ebe3264a9ace2e7106ba22addc2ef860bdf3a912d436e458d5bcf7840
kpatch-patch-4_18_0-147_54_2-1-3.el8_1.ppc64le.rpm SHA-256: 0367f789d1e27c0ea6e843bbc25b2828d5cd9704b9e6d2e14c6c6f0ee8f2ad5b
kpatch-patch-4_18_0-147_54_2-debuginfo-1-3.el8_1.ppc64le.rpm SHA-256: 06b8f2238f473d528efb46b22fd27d42ff15d7efcb08852fd5a26147954a3541
kpatch-patch-4_18_0-147_54_2-debugsource-1-3.el8_1.ppc64le.rpm SHA-256: bb2ad13de85b632b8f7c05069f3b17728b8d8d6ed0377e3ac32fc9a31005b075
kpatch-patch-4_18_0-147_56_1-1-3.el8_1.ppc64le.rpm SHA-256: 9e566890b98bb44524bcb086be5f78f0604c516ae6dbfa7a6155bbaa69223cfa
kpatch-patch-4_18_0-147_56_1-debuginfo-1-3.el8_1.ppc64le.rpm SHA-256: 1ea9a2893aa9f2f00c35dc8a3d3c25750cdcd4ab171595103861f2e496593c2d
kpatch-patch-4_18_0-147_56_1-debugsource-1-3.el8_1.ppc64le.rpm SHA-256: 52f4ebc9b717fccbff63acebdfd4d02202240c1ae2395582d36d618bf5790fce
kpatch-patch-4_18_0-147_57_1-1-2.el8_1.ppc64le.rpm SHA-256: f50697d6e711a6fbf313a7ab01ee8d58cd107a4ebe21184efefa16e019fe5dbd
kpatch-patch-4_18_0-147_57_1-debuginfo-1-2.el8_1.ppc64le.rpm SHA-256: d14e60b8502d2c026511e5328d203e074adbd5be6f6669dd44c316f03ee17696
kpatch-patch-4_18_0-147_57_1-debugsource-1-2.el8_1.ppc64le.rpm SHA-256: ad12b0340e902d53d82abfd60644c90fb1e67e47317199d79012211370e47a97
kpatch-patch-4_18_0-147_59_1-1-1.el8_1.ppc64le.rpm SHA-256: dc0cad571994616a2f151b5f58b828d6b5e7affd1a7903200f0352ae43153d08
kpatch-patch-4_18_0-147_59_1-debuginfo-1-1.el8_1.ppc64le.rpm SHA-256: 4000353edce5eb6bdbeae5d78af30ff0b58e985ee09733cd27a4aa5832c69237
kpatch-patch-4_18_0-147_59_1-debugsource-1-1.el8_1.ppc64le.rpm SHA-256: 84f2bb92b7654f84fab9a46ded50ac56093f8084f6bbc5e30de3d490695bc3db

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM
kpatch-patch-4_18_0-147_44_1-1-10.el8_1.src.rpm SHA-256: a43f9c06f4aa8a7e814b67484af2c757d2d2a1f2bb189b98d7489bcf078c08a9
kpatch-patch-4_18_0-147_48_1-1-7.el8_1.src.rpm SHA-256: 6b3cc9c1a74963b25ccc7576d3d53991357a7ef2ac85a3e0bef12fb2c1bb5655
kpatch-patch-4_18_0-147_51_1-1-6.el8_1.src.rpm SHA-256: b77e8351bfd5ca56d6506708628696b64d4d636c8a6a813299513fe6bd82b440
kpatch-patch-4_18_0-147_51_2-1-5.el8_1.src.rpm SHA-256: de34e8c5c697c47c6760a9feac9ba3ae4a6d6e94efee8cfc78b8f80de7554db0
kpatch-patch-4_18_0-147_52_1-1-4.el8_1.src.rpm SHA-256: c2db01b3c4ad7ec5e0f2be52fa2063591706a49a945cc146b564f2c30c460afc
kpatch-patch-4_18_0-147_54_2-1-3.el8_1.src.rpm SHA-256: 12534e0c794b46d7be1c68ca03189dc7d64572706bba7800291dc0a13321a3f1
kpatch-patch-4_18_0-147_56_1-1-3.el8_1.src.rpm SHA-256: 369218ec0bb8049d52cc8fc56e8249f40ef2fda625ebf040ba9d5a93ae9d6a6b
kpatch-patch-4_18_0-147_57_1-1-2.el8_1.src.rpm SHA-256: 0d1a1b3d1ff6b5f68f95c771b451b10747a7a2a0642efd89dbdec83e0140121b
kpatch-patch-4_18_0-147_59_1-1-1.el8_1.src.rpm SHA-256: a0bee3f81057f6ec12f42b918898ddbdaaacee87adfd4fa1de473c1cff606bca
x86_64
kpatch-patch-4_18_0-147_44_1-1-10.el8_1.x86_64.rpm SHA-256: e19eb25b1b50e301e5dabf1434d0c69d0e4b86554ef099e928f40c672e3a3020
kpatch-patch-4_18_0-147_44_1-debuginfo-1-10.el8_1.x86_64.rpm SHA-256: d77dce910c93399a517dea618a953e02978ba6dc61162eb08b05cda2f4a03307
kpatch-patch-4_18_0-147_44_1-debugsource-1-10.el8_1.x86_64.rpm SHA-256: 8e3d2359799931ad90a8beca5a169bba3834d1b56a88c906a424427d4b5a3ea4
kpatch-patch-4_18_0-147_48_1-1-7.el8_1.x86_64.rpm SHA-256: d4fddee5a6ba98b83b15b3c6018d2910138b344b94b845a4927660002df5f7d1
kpatch-patch-4_18_0-147_48_1-debuginfo-1-7.el8_1.x86_64.rpm SHA-256: 110f83260e76724cd39e3ba88e0f19282cfae84be3abcc1b2d3a702c429b96fd
kpatch-patch-4_18_0-147_48_1-debugsource-1-7.el8_1.x86_64.rpm SHA-256: 4ca07030eecba9a7fedb17c1d961721ff3ad5dbd3294d0e2845386bf2219d5b6
kpatch-patch-4_18_0-147_51_1-1-6.el8_1.x86_64.rpm SHA-256: b2193717b4e2061b9599ea17814e297d72a986065a5353bf4c192fe86225ac9b
kpatch-patch-4_18_0-147_51_1-debuginfo-1-6.el8_1.x86_64.rpm SHA-256: e4a9a4b2ac41429035d6e119f87a36d305380da9154247ac4e12cef29613e915
kpatch-patch-4_18_0-147_51_1-debugsource-1-6.el8_1.x86_64.rpm SHA-256: 217dd09e88f345c3f29e64ba3e2eca47686c6dd21c914d231b2a49353b8987c8
kpatch-patch-4_18_0-147_51_2-1-5.el8_1.x86_64.rpm SHA-256: 602d7ab5808af5c7a218aca561249bf17e5156873483a4c16bdeb5d218c56353
kpatch-patch-4_18_0-147_51_2-debuginfo-1-5.el8_1.x86_64.rpm SHA-256: 2766b346ed784595cd72d3fdc93f98478b23c00650b18d9d08ca2fdfea828bb0
kpatch-patch-4_18_0-147_51_2-debugsource-1-5.el8_1.x86_64.rpm SHA-256: be95c8cd7cbd829eba1a39d0c7e0afe63b04985cca4cad3039f3a221468b64ca
kpatch-patch-4_18_0-147_52_1-1-4.el8_1.x86_64.rpm SHA-256: f572c36bbab7f06c882974f3d3049a27021a82c0f13e58db35b3b5abd57bd968
kpatch-patch-4_18_0-147_52_1-debuginfo-1-4.el8_1.x86_64.rpm SHA-256: 8b57726a1e96c04ae35851f87eaedb6079a7bc33deee52af9a183f0c426ebdfc
kpatch-patch-4_18_0-147_52_1-debugsource-1-4.el8_1.x86_64.rpm SHA-256: e431ae50154866ba3308d0b502f3ec08451f4c1c24a10c57b3d26a3d29e7274b
kpatch-patch-4_18_0-147_54_2-1-3.el8_1.x86_64.rpm SHA-256: 0323110bbad24088efa75afbd577d123f5f6cefd5265933f82bf1af7006b3854
kpatch-patch-4_18_0-147_54_2-debuginfo-1-3.el8_1.x86_64.rpm SHA-256: 87a6f17d4cd5cc1ddcc364665e6c55cb0e67b85be6b0ade10b964fe7807f06da
kpatch-patch-4_18_0-147_54_2-debugsource-1-3.el8_1.x86_64.rpm SHA-256: 46f9a6f4d339e54c35817ec9ec80790f95c631a4688954d5dca0e9863d45870b
kpatch-patch-4_18_0-147_56_1-1-3.el8_1.x86_64.rpm SHA-256: 45ab49a90aa1afcacc3d986ab5eb2be71ab8423079a460b521d94ef23cb2effd
kpatch-patch-4_18_0-147_56_1-debuginfo-1-3.el8_1.x86_64.rpm SHA-256: b0014485880a799153a0d3f2f0bee382d4fa9c15be88da13c337c31468eb07bf
kpatch-patch-4_18_0-147_56_1-debugsource-1-3.el8_1.x86_64.rpm SHA-256: 02c41969fa5ef4f83d35ca95113ab73a3036fb5d61d9ffbc3aa0ed89e8a9821b
kpatch-patch-4_18_0-147_57_1-1-2.el8_1.x86_64.rpm SHA-256: 47639c3e246571e1b9144a9e9e5b867c34a365cf410da25c9bafb872598c428b
kpatch-patch-4_18_0-147_57_1-debuginfo-1-2.el8_1.x86_64.rpm SHA-256: ad5d4396d2ea05e0cfee339ab909e08f9209920444136cf4e265e8ff82f5ebf0
kpatch-patch-4_18_0-147_57_1-debugsource-1-2.el8_1.x86_64.rpm SHA-256: 037f3c0d2f2c6fada78434a4b77e48e13d9ee715f339596730dd080f70714e96
kpatch-patch-4_18_0-147_59_1-1-1.el8_1.x86_64.rpm SHA-256: 211fc0196b26a0cf64d0a824c3b770e7b9facf3750ab31b360672d7e8b486e9e
kpatch-patch-4_18_0-147_59_1-debuginfo-1-1.el8_1.x86_64.rpm SHA-256: 0089c62d93239cdc7a0281813ccff5af6c9b490ca66575ab41b32ab1e562b076
kpatch-patch-4_18_0-147_59_1-debugsource-1-1.el8_1.x86_64.rpm SHA-256: 17b1532ccf0cd8d8b722d929aff5ba9874eb2f346e990507ebbff58ae5e70c98

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility