Issued:: 2023-01-23
Updated:: 2023-01-23

RHSA-2023:0348 - Security Advisory

Overview
Updated Packages

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

kernel: watch queue race condition can lead to privilege escalation (CVE-2022-2959)
kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)
kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139)
kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
Red Hat Enterprise Linux Server - AUS 9.2 x86_64
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64

Fixes

BZ - 2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.
BZ - 2103681 - CVE-2022-2959 kernel: watch queue race condition can lead to privilege escalation
BZ - 2141752 - CVE-2022-43945 kernel: nfsd buffer overflow by RPC message over TCP with garbage data
BZ - 2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

Red Hat Enterprise Linux for Power, little endian 9

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
ppc64le
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.ppc64le.rpm	SHA-256: a2f09a588313853db2359de11412796d6df559c454e2ada56b5f7ce8b9a80326
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.ppc64le.rpm	SHA-256: 7ab83f815c4f1ae97cc75d15a2d1f9a6aa7171262b35cbf4af5695d9803a6d72
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.ppc64le.rpm	SHA-256: 2f2905fb9802466a72f0f170deeebff9e40ff36e620e02957952ed154f32b376

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
ppc64le
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.ppc64le.rpm	SHA-256: a2f09a588313853db2359de11412796d6df559c454e2ada56b5f7ce8b9a80326
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.ppc64le.rpm	SHA-256: 7ab83f815c4f1ae97cc75d15a2d1f9a6aa7171262b35cbf4af5695d9803a6d72
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.ppc64le.rpm	SHA-256: 2f2905fb9802466a72f0f170deeebff9e40ff36e620e02957952ed154f32b376

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
ppc64le
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.ppc64le.rpm	SHA-256: a2f09a588313853db2359de11412796d6df559c454e2ada56b5f7ce8b9a80326
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.ppc64le.rpm	SHA-256: 7ab83f815c4f1ae97cc75d15a2d1f9a6aa7171262b35cbf4af5695d9803a6d72
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.ppc64le.rpm	SHA-256: 2f2905fb9802466a72f0f170deeebff9e40ff36e620e02957952ed154f32b376

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
ppc64le
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.ppc64le.rpm	SHA-256: a2f09a588313853db2359de11412796d6df559c454e2ada56b5f7ce8b9a80326
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.ppc64le.rpm	SHA-256: 7ab83f815c4f1ae97cc75d15a2d1f9a6aa7171262b35cbf4af5695d9803a6d72
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.ppc64le.rpm	SHA-256: 2f2905fb9802466a72f0f170deeebff9e40ff36e620e02957952ed154f32b376

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
ppc64le
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.ppc64le.rpm	SHA-256: a2f09a588313853db2359de11412796d6df559c454e2ada56b5f7ce8b9a80326
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.ppc64le.rpm	SHA-256: 7ab83f815c4f1ae97cc75d15a2d1f9a6aa7171262b35cbf4af5695d9803a6d72
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.ppc64le.rpm	SHA-256: 2f2905fb9802466a72f0f170deeebff9e40ff36e620e02957952ed154f32b376

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
ppc64le
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.ppc64le.rpm	SHA-256: a2f09a588313853db2359de11412796d6df559c454e2ada56b5f7ce8b9a80326
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.ppc64le.rpm	SHA-256: 7ab83f815c4f1ae97cc75d15a2d1f9a6aa7171262b35cbf4af5695d9803a6d72
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.ppc64le.rpm	SHA-256: 2f2905fb9802466a72f0f170deeebff9e40ff36e620e02957952ed154f32b376

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
ppc64le
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.ppc64le.rpm	SHA-256: a2f09a588313853db2359de11412796d6df559c454e2ada56b5f7ce8b9a80326
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.ppc64le.rpm	SHA-256: 7ab83f815c4f1ae97cc75d15a2d1f9a6aa7171262b35cbf4af5695d9803a6d72
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.ppc64le.rpm	SHA-256: 2f2905fb9802466a72f0f170deeebff9e40ff36e620e02957952ed154f32b376

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.src.rpm	SHA-256: e0d16cb9bb994d71d5c6938afb7344e93a3a0c66c04173047ca11c5105969fad
x86_64
kpatch-patch-5_14_0-162_6_1-1-1.el9_1.x86_64.rpm	SHA-256: 9a59384ee490daa65e329e53ba45cff2165877e0d8a3596227474c2a1494f943
kpatch-patch-5_14_0-162_6_1-debuginfo-1-1.el9_1.x86_64.rpm	SHA-256: 62442c96aa4f918e7fe79d2fe5d580f73f254584a47305e87afbb4a4b253d2b9
kpatch-patch-5_14_0-162_6_1-debugsource-1-1.el9_1.x86_64.rpm	SHA-256: 676d0b3b3307edc4294656b8b9c434a76ab219b9ab2eeb3b9bf375009e50bc4f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation