RHSA-2023:1067 - Security Advisory

Overview
Updated Packages

Synopsis

Important: pesign security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for pesign is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools.

Security Fix(es):

pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

BZ - 2135420 - CVE-2022-3560 pesign: Local privilege escalation on pesign systemd service

CVEs

CVE-2022-3560

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
pesign-115-6.el9_1.src.rpm	SHA-256: 2d3af3310e6e89657fb79c9d61319268a3c277ce899fc00a5c6c8f1330fe83bc
x86_64
pesign-115-6.el9_1.x86_64.rpm	SHA-256: 334060e959f8e93b92c708d31736f7e6209cb0910aa13e3f68d5097762d2665b
pesign-debuginfo-115-6.el9_1.x86_64.rpm	SHA-256: f831d2f76723c45e2932c00a420fccb17d5f7dd2323a2a08ceab61e74ecf882a
pesign-debugsource-115-6.el9_1.x86_64.rpm	SHA-256: 1af2578a43975189670f49dad787a31bc1cdd2ceda0eaadba2fdc26fe0f539de

Red Hat Enterprise Linux for ARM 64 9

SRPM
pesign-115-6.el9_1.src.rpm	SHA-256: 2d3af3310e6e89657fb79c9d61319268a3c277ce899fc00a5c6c8f1330fe83bc
aarch64
pesign-115-6.el9_1.aarch64.rpm	SHA-256: cafbaf7b9117a91c71dfca792552e2d431f8f7e143238814fd156072e099efbb
pesign-debuginfo-115-6.el9_1.aarch64.rpm	SHA-256: 5e9a550359f5a02e56eb8e4d962d9f7289675848152c82a89b578639c5310f85
pesign-debugsource-115-6.el9_1.aarch64.rpm	SHA-256: dc85ab8c93ec9f1fdedc3e8cbaed88a75264c62601be7ddf13286d63ad3f9de4

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation