Red Hat Product Errata RHSA-2023:0526 - Security Advisory
Issued:
2023-01-30
Updated:
2023-01-30

RHSA-2023:0526 - Security Advisory

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)
  • kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel-rt: update RT source tree to the latest RHEL-9.0.z6 Batch (BZ#2149955)
  • DELL 9.0 RT: On PE R760 system, call traces are observed dmesg when system is running stress (BZ#2154426)
  • RT Debug bug: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 (BZ#2160774)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64

Fixes

  • BZ - 2067482 - CVE-2022-2964 kernel: memory corruption in AX88179_178A based USB ethernet device.
  • BZ - 2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM
kernel-rt-5.14.0-70.43.1.rt21.114.el9_0.src.rpm SHA-256: 50b2426b9dfd7bd449de5283f666786a41f904f4d41cc35b87fff713c652eab7
x86_64
kernel-rt-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: d6930ed81c0da7f63ae74a77dfef9beeb35a57331fd9ffb307d94ba6f81546ad
kernel-rt-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: d6930ed81c0da7f63ae74a77dfef9beeb35a57331fd9ffb307d94ba6f81546ad
kernel-rt-core-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 68b4ee45d2db65a865f323d46596406db3afe73327d5308cc7e61ed773ee764f
kernel-rt-core-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 68b4ee45d2db65a865f323d46596406db3afe73327d5308cc7e61ed773ee764f
kernel-rt-debug-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 0a07f8f5e7167345c8e37f6ad0a3e8f8e5d72f59e3e957e97b9ea1527498a57d
kernel-rt-debug-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 0a07f8f5e7167345c8e37f6ad0a3e8f8e5d72f59e3e957e97b9ea1527498a57d
kernel-rt-debug-core-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: d7ea79a34306964f217f56daa43e6f2bdb578a80d8bd3a1edb8876db523ba59e
kernel-rt-debug-core-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: d7ea79a34306964f217f56daa43e6f2bdb578a80d8bd3a1edb8876db523ba59e
kernel-rt-debug-debuginfo-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: e0a2fd1c2139725b59d0368b7681cded2775b7629c5dfc7cf94d9631045c63bf
kernel-rt-debug-debuginfo-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: e0a2fd1c2139725b59d0368b7681cded2775b7629c5dfc7cf94d9631045c63bf
kernel-rt-debug-devel-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: b4f98e5f9b1b9c3a438b7519370205dbc74092bbbe1f88dc585f52fdd341fbfa
kernel-rt-debug-devel-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: b4f98e5f9b1b9c3a438b7519370205dbc74092bbbe1f88dc585f52fdd341fbfa
kernel-rt-debug-kvm-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: d56c3cef9c0454cd9108188b1a8a06cb693bd9386c3909e576e2f85d6010fe0a
kernel-rt-debug-modules-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: ef00f175545400a32311c1bac78892a256bc79b930a3c328d66c5abba2d60a87
kernel-rt-debug-modules-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: ef00f175545400a32311c1bac78892a256bc79b930a3c328d66c5abba2d60a87
kernel-rt-debug-modules-extra-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 588820c3eeadc259cee699c591e43430a936e3e78226e46f98f2c42cf8ef9599
kernel-rt-debug-modules-extra-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 588820c3eeadc259cee699c591e43430a936e3e78226e46f98f2c42cf8ef9599
kernel-rt-debuginfo-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: d5b16ef5b74b30a0db8d7f3bca7b1203dc4511928d17df96518203adbc9ec16a
kernel-rt-debuginfo-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: d5b16ef5b74b30a0db8d7f3bca7b1203dc4511928d17df96518203adbc9ec16a
kernel-rt-debuginfo-common-x86_64-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 03afa710e40e713747e9e8796b9109650d10fea965628bc9d5427f48fc5463ba
kernel-rt-debuginfo-common-x86_64-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 03afa710e40e713747e9e8796b9109650d10fea965628bc9d5427f48fc5463ba
kernel-rt-devel-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: c48eedda78897e9f16725a0ad5ee6121c8e6d1d6ada0fb7edc0ab5888b0fea4b
kernel-rt-devel-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: c48eedda78897e9f16725a0ad5ee6121c8e6d1d6ada0fb7edc0ab5888b0fea4b
kernel-rt-kvm-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 6eced1a503a96d0b4a664f3b7ad3d1ef30dc7abc865d3dba87c4ff96ed87103b
kernel-rt-modules-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: be1795fd599e55e9d31c1edd377c7af4a05be890fa036c1a6710c798f24de9bf
kernel-rt-modules-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: be1795fd599e55e9d31c1edd377c7af4a05be890fa036c1a6710c798f24de9bf
kernel-rt-modules-extra-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 4b30e127b3519373501a19ebb7d4051c17fe00a1d7a9f2cf70e5d360f5a2a963
kernel-rt-modules-extra-5.14.0-70.43.1.rt21.114.el9_0.x86_64.rpm SHA-256: 4b30e127b3519373501a19ebb7d4051c17fe00a1d7a9f2cf70e5d360f5a2a963

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.