- Issued:
- 2022-03-17
- Updated:
- 2022-03-17
RHSA-2022:0958 - Security Advisory
Synopsis
Important: kpatch-patch-4_18_0-147_58_1 security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kpatch-patch-4_18_0-147_58_1 is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
Security Fix(es):
- kernel: Use After Free in unix_gc() which could result in a local privilege escalation (CVE-2021-0920)
- kernel: use-after-free in RDMA listen() (CVE-2021-4028)
- kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)
- kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)
- kernel: possible privileges escalation due to missing TLB flush (CVE-2022-0330)
- kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)
- kernel: failing usercopy allows for use-after-free exploitation (CVE-2022-22942)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- Several kpatch CVEs needed for kernel-4.18.0-147.58.1.el8_1 (BZ#2064297)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Fixes
- BZ - 2027201 - CVE-2021-4028 kernel: use-after-free in RDMA listen()
- BZ - 2029923 - CVE-2021-4083 kernel: fget: check that the fd still exists after getting a ref to it
- BZ - 2031930 - CVE-2021-0920 kernel: Use After Free in unix_gc() which could result in a local privilege escalation
- BZ - 2034813 - CVE-2021-4155 kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL
- BZ - 2042404 - CVE-2022-0330 kernel: possible privileges escalation due to missing TLB flush
- BZ - 2044809 - CVE-2022-22942 kernel: failing usercopy allows for use-after-free exploitation
- BZ - 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation
CVEs
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1
SRPM | |
---|---|
kpatch-patch-4_18_0-147_58_1-1-1.el8_1.src.rpm | SHA-256: a6d56cc3059cb50a9cb86c246b60f7f8c90140aabf1bfc863478c419b435a25c |
ppc64le | |
kpatch-patch-4_18_0-147_58_1-1-1.el8_1.ppc64le.rpm | SHA-256: 9f996fbdd4f710ec5151dd15bb4345a91426089f2fcd98df18f780ab0c35bf9f |
kpatch-patch-4_18_0-147_58_1-debuginfo-1-1.el8_1.ppc64le.rpm | SHA-256: f1e6724776230c946f093c87a9ca8764c96bff6ccc69b5099319a22de27118f3 |
kpatch-patch-4_18_0-147_58_1-debugsource-1-1.el8_1.ppc64le.rpm | SHA-256: a112e3aa413595657970e0becd4490a383f4512bdaec8ca35b4d3b68d7b22843 |
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1
SRPM | |
---|---|
kpatch-patch-4_18_0-147_58_1-1-1.el8_1.src.rpm | SHA-256: a6d56cc3059cb50a9cb86c246b60f7f8c90140aabf1bfc863478c419b435a25c |
x86_64 | |
kpatch-patch-4_18_0-147_58_1-1-1.el8_1.x86_64.rpm | SHA-256: 394199a7877f53f9bb126039ae3922fa38dd79a21849746cee2a8764498eaa60 |
kpatch-patch-4_18_0-147_58_1-debuginfo-1-1.el8_1.x86_64.rpm | SHA-256: 94c10c7459e0842b772a7280c118a778614928c449cecbb28928b11c38a199e6 |
kpatch-patch-4_18_0-147_58_1-debugsource-1-1.el8_1.x86_64.rpm | SHA-256: e61323c7277a9fd0b2ea6e7969f6afd09e5cd9bd1bf0cbb87c10eaec41b27c6d |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.