- Issued:
- 2022-05-18
- Updated:
- 2022-05-18
RHSA-2022:4644 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update to the latest RHEL7.9.z14 source tree (BZ#2071179)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 7 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 7 x86_64
Fixes
- BZ - 2051505 - CVE-2022-0492 kernel: cgroups v1 release_agent feature may allow privilege escalation
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-1160.66.1.rt56.1207.el7.src.rpm | SHA-256: 9488385d589f6c9d69408322c3be11330d1933dfe0fb1eaac19cf330dc12f8d7 |
| x86_64 | |
| kernel-rt-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 32832c528b2aee44887b4718bcacd120c9b25e5875dbf96626a938eb4d1d5e10 |
| kernel-rt-debug-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 84396eb31867fe5fcddaae5f0a529271e94f502a21d38a0924d3d2e7c3ab5dff |
| kernel-rt-debug-debuginfo-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 1a07d61f69196848fd9be0e4666768d007827df408bbce5e38a1ae6a0f321b83 |
| kernel-rt-debug-devel-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 8f66f7873bcb9c5c4017db14a498b0d4c6622533fd0ec268a1178a6202aaacd6 |
| kernel-rt-debuginfo-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: d0eea42a419254432707b44a25d8a0e0737b04f97e6e217c8e1c529e040e58a0 |
| kernel-rt-debuginfo-common-x86_64-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 325ead407c538b1e24c4f38723e87db79453f61618e50e8cb26f299fc92f4f12 |
| kernel-rt-devel-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 5494a58f527484ba771ac093f4b74a4806162708b7e05fcafc84edb05bed2b3b |
| kernel-rt-doc-3.10.0-1160.66.1.rt56.1207.el7.noarch.rpm | SHA-256: b1f19ebcad900523d1a82a5e2d6260dba4cb6093ef69afb3906ea6f52235b76f |
| kernel-rt-trace-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 04c5add619d1af7e7ade96a8716198bb25a355b3c364d3ef56304347d48a3a84 |
| kernel-rt-trace-debuginfo-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 23a72f6538d5b31def31e6b8276aaab717ef64a9a7241ac983c25a9caaaf13cd |
| kernel-rt-trace-devel-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 28e676246c269c938d9c5aaa33e390ad39eb0e9b310f679f72371d015f484875 |
Red Hat Enterprise Linux for Real Time for NFV 7
| SRPM | |
|---|---|
| kernel-rt-3.10.0-1160.66.1.rt56.1207.el7.src.rpm | SHA-256: 9488385d589f6c9d69408322c3be11330d1933dfe0fb1eaac19cf330dc12f8d7 |
| x86_64 | |
| kernel-rt-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 32832c528b2aee44887b4718bcacd120c9b25e5875dbf96626a938eb4d1d5e10 |
| kernel-rt-debug-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 84396eb31867fe5fcddaae5f0a529271e94f502a21d38a0924d3d2e7c3ab5dff |
| kernel-rt-debug-debuginfo-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 1a07d61f69196848fd9be0e4666768d007827df408bbce5e38a1ae6a0f321b83 |
| kernel-rt-debug-devel-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 8f66f7873bcb9c5c4017db14a498b0d4c6622533fd0ec268a1178a6202aaacd6 |
| kernel-rt-debug-kvm-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: fc26f2a5b8ad192f61a7ceeceff6a30085f2530086ef92debc6616d64d6bcfdc |
| kernel-rt-debug-kvm-debuginfo-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 4bfd7c7dd1a7073b1bcb9a77334c56488742b411ab1b0d5acf242ac6b9ba193d |
| kernel-rt-debuginfo-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: d0eea42a419254432707b44a25d8a0e0737b04f97e6e217c8e1c529e040e58a0 |
| kernel-rt-debuginfo-common-x86_64-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 325ead407c538b1e24c4f38723e87db79453f61618e50e8cb26f299fc92f4f12 |
| kernel-rt-devel-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 5494a58f527484ba771ac093f4b74a4806162708b7e05fcafc84edb05bed2b3b |
| kernel-rt-doc-3.10.0-1160.66.1.rt56.1207.el7.noarch.rpm | SHA-256: b1f19ebcad900523d1a82a5e2d6260dba4cb6093ef69afb3906ea6f52235b76f |
| kernel-rt-kvm-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: f34ee9573e4f77d5e3db1198b2211953fef95980e3373bf54e5d5e469c7ffb80 |
| kernel-rt-kvm-debuginfo-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: bade776a3188c6922a75be8f7c9d7a3c78f1a5b30755894b32d48fffdb6f5c32 |
| kernel-rt-trace-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 04c5add619d1af7e7ade96a8716198bb25a355b3c364d3ef56304347d48a3a84 |
| kernel-rt-trace-debuginfo-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 23a72f6538d5b31def31e6b8276aaab717ef64a9a7241ac983c25a9caaaf13cd |
| kernel-rt-trace-devel-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 28e676246c269c938d9c5aaa33e390ad39eb0e9b310f679f72371d015f484875 |
| kernel-rt-trace-kvm-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: 41328834844c0c7be15a7d7bbc1959db7e35675afab768c75550163dc9625de9 |
| kernel-rt-trace-kvm-debuginfo-3.10.0-1160.66.1.rt56.1207.el7.x86_64.rpm | SHA-256: b0ef92955c5a49056c143234aaff304da8ff84520e4f0685dbe91bc871da3610 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.