Red Hat Product Errata RHSA-2023:0400 - Security Advisory
Issued:
2023-01-24
Updated:
2023-01-24

RHSA-2023:0400 - Security Advisory

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)
  • hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715 (CVE-2021-26401)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel-rt: update to the latest RHEL7.9.z20 source tree (BZ#2152044)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

  • BZ - 2061700 - CVE-2021-26401 hw: cpu: LFENCE/JMP Mitigation Update for CVE-2017-5715
  • BZ - 2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-1160.83.1.rt56.1228.el7.src.rpm SHA-256: 6d73c8669df2d11dcfedc8a5a79089a856496df4e64895b4a27f9343d0273d54
x86_64
kernel-rt-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: f1c571002bb637cccfe98fee06a7f745ddd673c010d0e2d2febdb90ca931778a
kernel-rt-debug-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 169bb198590ccb5153106de32d0d077146a0f9f3f4d2075ef355f2d30cee7b12
kernel-rt-debug-debuginfo-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 04f7ac929c42d3dfb28a81cf2b0c72096a4fc3b3c197b4efaba50b2c7af2486a
kernel-rt-debug-devel-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 564011721b52c64f8e2403bbe3f6c23d635e28b45ec8c0a9dc3c0c83467e0be1
kernel-rt-debuginfo-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 22b5fb303a1bf80601383f91274d4f23e69089bda78af392cc2749c834efb8da
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 72e3ca8a08cc69abcd45bc63d508dbe7fde62a2390b12f0ac262779f7e6010bf
kernel-rt-devel-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 52a117ec3a5c44172aae54380235d49ee12445d481d3b169a6a42d8e5ff2e055
kernel-rt-doc-3.10.0-1160.83.1.rt56.1228.el7.noarch.rpm SHA-256: b7d0b524cd8cc79d7a7796a26f3d5a0a68a02289438afdbd6b1e1924ff62cc67
kernel-rt-trace-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: eb39fabb18d9b92945a6e1546702049dc0c3e770ff68dec6dcd02a035f560a19
kernel-rt-trace-debuginfo-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: c5f4a512ca5f5f6a030a5a8e064fcfcb2081880411451ade4d22d17b639f95cb
kernel-rt-trace-devel-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 3a02ee8b77879eb2bf590f072d437d8f698cce4881b4bfde342f627a3387749d

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-1160.83.1.rt56.1228.el7.src.rpm SHA-256: 6d73c8669df2d11dcfedc8a5a79089a856496df4e64895b4a27f9343d0273d54
x86_64
kernel-rt-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: f1c571002bb637cccfe98fee06a7f745ddd673c010d0e2d2febdb90ca931778a
kernel-rt-debug-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 169bb198590ccb5153106de32d0d077146a0f9f3f4d2075ef355f2d30cee7b12
kernel-rt-debug-debuginfo-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 04f7ac929c42d3dfb28a81cf2b0c72096a4fc3b3c197b4efaba50b2c7af2486a
kernel-rt-debug-devel-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 564011721b52c64f8e2403bbe3f6c23d635e28b45ec8c0a9dc3c0c83467e0be1
kernel-rt-debug-kvm-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: ebd42c6ee351262bc29ae5d5a0ea795dba6f2c3108428e3202b27f5796535be4
kernel-rt-debug-kvm-debuginfo-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 5ca05faaf3f03862a117a5c25c893b9e53b2071736d27f6145b14589c381ccbe
kernel-rt-debuginfo-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 22b5fb303a1bf80601383f91274d4f23e69089bda78af392cc2749c834efb8da
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 72e3ca8a08cc69abcd45bc63d508dbe7fde62a2390b12f0ac262779f7e6010bf
kernel-rt-devel-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 52a117ec3a5c44172aae54380235d49ee12445d481d3b169a6a42d8e5ff2e055
kernel-rt-doc-3.10.0-1160.83.1.rt56.1228.el7.noarch.rpm SHA-256: b7d0b524cd8cc79d7a7796a26f3d5a0a68a02289438afdbd6b1e1924ff62cc67
kernel-rt-kvm-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 969bcb778606e36d0587002c51de0c7f75ea6728b5bf60991dd47b04864fd13c
kernel-rt-kvm-debuginfo-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 7c8d24f7f074f3732875bd51a5e5fdf1021e8a61ee3acd18acd9b7d1d6bca1b0
kernel-rt-trace-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: eb39fabb18d9b92945a6e1546702049dc0c3e770ff68dec6dcd02a035f560a19
kernel-rt-trace-debuginfo-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: c5f4a512ca5f5f6a030a5a8e064fcfcb2081880411451ade4d22d17b639f95cb
kernel-rt-trace-devel-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 3a02ee8b77879eb2bf590f072d437d8f698cce4881b4bfde342f627a3387749d
kernel-rt-trace-kvm-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 50280d92b5d278b925592fac3fa0b205105b2af0e4c8f3213ce54b2b8eec9419
kernel-rt-trace-kvm-debuginfo-3.10.0-1160.83.1.rt56.1228.el7.x86_64.rpm SHA-256: 9f35a1ef7e11f3417c273a80505bbfcb422318c9a4fe0ccbf01662eb7db8caa5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.