- Issued:
- 2023-01-12
- Updated:
- 2023-01-12
RHSA-2023:0114 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)
- kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- The latest RHEL 8.7.z1 kernel changes need to be merged into the RT source tree to keep source parity between the two kernels. (BZ#2137411)
- [DELL EMC 8.6-RT BUG] System is not booting into RT Kernel with perc12. (BZ#2139867)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
- Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.8 x86_64
- Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.8 x86_64
Fixes
- BZ - 2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.
- BZ - 2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.src.rpm | SHA-256: 07b96f9f984e6b219d560ce24a26d717387e048695d6ea15878dbf2047d1c57b |
| x86_64 | |
| kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: ba934c62edc41eca93e717799f9e927a21874a8691f84ca1824c0339660d7a9e |
| kernel-rt-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 5e54b9d1b7c79030e4840a29605273e29c5ecd5147e159fc93d4a41ccea8179e |
| kernel-rt-debug-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 7d341dfd0e6a5bcc09e52d7fe58d814d6400258fd51b756a7c89005ac6c64661 |
| kernel-rt-debug-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: f169809e75bc44b56234145de2980539dce4fd2a7ab937ad7847cab04cedf27f |
| kernel-rt-debug-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: e9707b41f9a71593473ca63d37b821fd82defe8a683eba653a1d6e70dae9155d |
| kernel-rt-debug-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 17ba5491a2080b548ef427f225b652a7382f79ff8c9d7a076f7d64553edff9c1 |
| kernel-rt-debug-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 7f864678fafd3ade8524a665f2ec21d1e3ae6b775e2c40d10824d2deaf099ad9 |
| kernel-rt-debug-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 574c8ea38cd6ce9f4e167432528565f4e6e6d35163af99784c620063eed28b54 |
| kernel-rt-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 1ee11d44e69ae1d253a376b84d6362b316610e6ae95d4f6c336cd5794ac5595d |
| kernel-rt-debuginfo-common-x86_64-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: a39ca6b8f20ce557d1c3700f407cd2f4d8b76e72d74dbf387422e82f11589029 |
| kernel-rt-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: dbc52662645cf2f329d6dd0d35237b3b6fd4d81210acdcb55dde1fc57e47b23b |
| kernel-rt-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 4371b009b95c46757dc46e85cb6d09b66a7bc9869e80ff8bd17b8cdbf9178df1 |
| kernel-rt-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 334b45867fba4a1271d8b5bac534054a6974f272532b8fb53766a295ababb697 |
Red Hat Enterprise Linux for Real Time for NFV 8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.src.rpm | SHA-256: 07b96f9f984e6b219d560ce24a26d717387e048695d6ea15878dbf2047d1c57b |
| x86_64 | |
| kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: ba934c62edc41eca93e717799f9e927a21874a8691f84ca1824c0339660d7a9e |
| kernel-rt-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 5e54b9d1b7c79030e4840a29605273e29c5ecd5147e159fc93d4a41ccea8179e |
| kernel-rt-debug-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 7d341dfd0e6a5bcc09e52d7fe58d814d6400258fd51b756a7c89005ac6c64661 |
| kernel-rt-debug-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: f169809e75bc44b56234145de2980539dce4fd2a7ab937ad7847cab04cedf27f |
| kernel-rt-debug-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: e9707b41f9a71593473ca63d37b821fd82defe8a683eba653a1d6e70dae9155d |
| kernel-rt-debug-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 17ba5491a2080b548ef427f225b652a7382f79ff8c9d7a076f7d64553edff9c1 |
| kernel-rt-debug-kvm-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 613377109832e4c7f8a0a0761e7bf4bad8bbbd486320ce0f797f68aec0585498 |
| kernel-rt-debug-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 7f864678fafd3ade8524a665f2ec21d1e3ae6b775e2c40d10824d2deaf099ad9 |
| kernel-rt-debug-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 574c8ea38cd6ce9f4e167432528565f4e6e6d35163af99784c620063eed28b54 |
| kernel-rt-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 1ee11d44e69ae1d253a376b84d6362b316610e6ae95d4f6c336cd5794ac5595d |
| kernel-rt-debuginfo-common-x86_64-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: a39ca6b8f20ce557d1c3700f407cd2f4d8b76e72d74dbf387422e82f11589029 |
| kernel-rt-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: dbc52662645cf2f329d6dd0d35237b3b6fd4d81210acdcb55dde1fc57e47b23b |
| kernel-rt-kvm-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 57e175ac8f9130fee7d52c391fb6a4bb559120be04d7dda329c2f3490cf4cbf6 |
| kernel-rt-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 4371b009b95c46757dc46e85cb6d09b66a7bc9869e80ff8bd17b8cdbf9178df1 |
| kernel-rt-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 334b45867fba4a1271d8b5bac534054a6974f272532b8fb53766a295ababb697 |
Red Hat Enterprise Linux for Real Time - Telecommunications Update Service 8.8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.src.rpm | SHA-256: 07b96f9f984e6b219d560ce24a26d717387e048695d6ea15878dbf2047d1c57b |
| x86_64 | |
| kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: ba934c62edc41eca93e717799f9e927a21874a8691f84ca1824c0339660d7a9e |
| kernel-rt-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 5e54b9d1b7c79030e4840a29605273e29c5ecd5147e159fc93d4a41ccea8179e |
| kernel-rt-debug-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 7d341dfd0e6a5bcc09e52d7fe58d814d6400258fd51b756a7c89005ac6c64661 |
| kernel-rt-debug-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: f169809e75bc44b56234145de2980539dce4fd2a7ab937ad7847cab04cedf27f |
| kernel-rt-debug-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: e9707b41f9a71593473ca63d37b821fd82defe8a683eba653a1d6e70dae9155d |
| kernel-rt-debug-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 17ba5491a2080b548ef427f225b652a7382f79ff8c9d7a076f7d64553edff9c1 |
| kernel-rt-debug-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 7f864678fafd3ade8524a665f2ec21d1e3ae6b775e2c40d10824d2deaf099ad9 |
| kernel-rt-debug-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 574c8ea38cd6ce9f4e167432528565f4e6e6d35163af99784c620063eed28b54 |
| kernel-rt-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 1ee11d44e69ae1d253a376b84d6362b316610e6ae95d4f6c336cd5794ac5595d |
| kernel-rt-debuginfo-common-x86_64-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: a39ca6b8f20ce557d1c3700f407cd2f4d8b76e72d74dbf387422e82f11589029 |
| kernel-rt-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: dbc52662645cf2f329d6dd0d35237b3b6fd4d81210acdcb55dde1fc57e47b23b |
| kernel-rt-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 4371b009b95c46757dc46e85cb6d09b66a7bc9869e80ff8bd17b8cdbf9178df1 |
| kernel-rt-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 334b45867fba4a1271d8b5bac534054a6974f272532b8fb53766a295ababb697 |
Red Hat Enterprise Linux for Real Time for NFV - Telecommunications Update Service 8.8
| SRPM | |
|---|---|
| kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.src.rpm | SHA-256: 07b96f9f984e6b219d560ce24a26d717387e048695d6ea15878dbf2047d1c57b |
| x86_64 | |
| kernel-rt-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: ba934c62edc41eca93e717799f9e927a21874a8691f84ca1824c0339660d7a9e |
| kernel-rt-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 5e54b9d1b7c79030e4840a29605273e29c5ecd5147e159fc93d4a41ccea8179e |
| kernel-rt-debug-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 7d341dfd0e6a5bcc09e52d7fe58d814d6400258fd51b756a7c89005ac6c64661 |
| kernel-rt-debug-core-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: f169809e75bc44b56234145de2980539dce4fd2a7ab937ad7847cab04cedf27f |
| kernel-rt-debug-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: e9707b41f9a71593473ca63d37b821fd82defe8a683eba653a1d6e70dae9155d |
| kernel-rt-debug-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 17ba5491a2080b548ef427f225b652a7382f79ff8c9d7a076f7d64553edff9c1 |
| kernel-rt-debug-kvm-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 613377109832e4c7f8a0a0761e7bf4bad8bbbd486320ce0f797f68aec0585498 |
| kernel-rt-debug-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 7f864678fafd3ade8524a665f2ec21d1e3ae6b775e2c40d10824d2deaf099ad9 |
| kernel-rt-debug-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 574c8ea38cd6ce9f4e167432528565f4e6e6d35163af99784c620063eed28b54 |
| kernel-rt-debuginfo-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 1ee11d44e69ae1d253a376b84d6362b316610e6ae95d4f6c336cd5794ac5595d |
| kernel-rt-debuginfo-common-x86_64-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: a39ca6b8f20ce557d1c3700f407cd2f4d8b76e72d74dbf387422e82f11589029 |
| kernel-rt-devel-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: dbc52662645cf2f329d6dd0d35237b3b6fd4d81210acdcb55dde1fc57e47b23b |
| kernel-rt-kvm-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 57e175ac8f9130fee7d52c391fb6a4bb559120be04d7dda329c2f3490cf4cbf6 |
| kernel-rt-modules-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 4371b009b95c46757dc46e85cb6d09b66a7bc9869e80ff8bd17b8cdbf9178df1 |
| kernel-rt-modules-extra-4.18.0-425.10.1.rt7.220.el8_7.x86_64.rpm | SHA-256: 334b45867fba4a1271d8b5bac534054a6974f272532b8fb53766a295ababb697 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
