Red Hat Product Errata RHSA-2023:1092 - Security Advisory
Issued:
2023-03-07
Updated:
2023-03-07

RHSA-2023:1092 - Security Advisory

Synopsis

Important: kernel-rt security and bug fix update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kernel-rt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.

Security Fix(es):

  • kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)
  • kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • kernel-rt: update to the latest RHEL7.9.z21 source tree (BZ#2159523)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for Real Time 7 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 7 x86_64

Fixes

  • BZ - 2133483 - CVE-2022-42703 kernel: use-after-free related to leaf anon_vma double reuse
  • BZ - 2152548 - CVE-2022-4378 kernel: stack overflow in do_proc_dointvec and proc_skip_spaces

Red Hat Enterprise Linux for Real Time 7

SRPM
kernel-rt-3.10.0-1160.88.1.rt56.1233.el7.src.rpm SHA-256: cb68f4961b549d40ef5ae55edab068656e3750a05cbe4ad9d270ee34cedf8c3e
x86_64
kernel-rt-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 98242e61d8d24d3723dc51026351f3f91218547abbe1007aacca853db4486165
kernel-rt-debug-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: c11e0265ba0a386d8b316186c29cdaf03dbcbe3b858f4dad00d0e37cae22c65f
kernel-rt-debug-debuginfo-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: a102f535b6118b803eeca0c00269fe856685c7c91a1aa9375aecf8264354c4f0
kernel-rt-debug-devel-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 036c914b6c13542481659c1da2539a4c963f6d167e47efc6b8b39dfea13e9a01
kernel-rt-debuginfo-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: c28fbbed3a36513625678c20ae9dda36d01600401d6b38aa9ac242a0f6434d89
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 80db5724f5d35ca205e2a82718f54412e13bda7b3333e524fc709b4caefabf7d
kernel-rt-devel-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: ca68e381e9277649a983999acd925e20e6c3d3033a749766359ef5fba18d7efd
kernel-rt-doc-3.10.0-1160.88.1.rt56.1233.el7.noarch.rpm SHA-256: 606446d666b100947c1e86daae8e5d0bf15defd9b8a03b3b366b7ec4745d0972
kernel-rt-trace-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: f2584938c3f6ba41553847d2f1a8048ed45cc8e12f61fdec47a2cc21832612aa
kernel-rt-trace-debuginfo-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: ed4c790dc668faf374d18c7ecf4be2bd6cf2dc2d2117fd1970be26b83b7732ba
kernel-rt-trace-devel-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 2b9d720f2f21ae6b613646c39c44b903010876d8f6cc11a57cf7dcd017965143

Red Hat Enterprise Linux for Real Time for NFV 7

SRPM
kernel-rt-3.10.0-1160.88.1.rt56.1233.el7.src.rpm SHA-256: cb68f4961b549d40ef5ae55edab068656e3750a05cbe4ad9d270ee34cedf8c3e
x86_64
kernel-rt-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 98242e61d8d24d3723dc51026351f3f91218547abbe1007aacca853db4486165
kernel-rt-debug-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: c11e0265ba0a386d8b316186c29cdaf03dbcbe3b858f4dad00d0e37cae22c65f
kernel-rt-debug-debuginfo-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: a102f535b6118b803eeca0c00269fe856685c7c91a1aa9375aecf8264354c4f0
kernel-rt-debug-devel-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 036c914b6c13542481659c1da2539a4c963f6d167e47efc6b8b39dfea13e9a01
kernel-rt-debug-kvm-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 23f7c993745b0b3ca74c534bf21b908a180a1e5a6e07bec12ed39ba6cf33b4a6
kernel-rt-debug-kvm-debuginfo-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 918926960829e50795ba2d954dc8219c382bbc1049ee9fba603d7ce40517aafa
kernel-rt-debuginfo-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: c28fbbed3a36513625678c20ae9dda36d01600401d6b38aa9ac242a0f6434d89
kernel-rt-debuginfo-common-x86_64-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 80db5724f5d35ca205e2a82718f54412e13bda7b3333e524fc709b4caefabf7d
kernel-rt-devel-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: ca68e381e9277649a983999acd925e20e6c3d3033a749766359ef5fba18d7efd
kernel-rt-doc-3.10.0-1160.88.1.rt56.1233.el7.noarch.rpm SHA-256: 606446d666b100947c1e86daae8e5d0bf15defd9b8a03b3b366b7ec4745d0972
kernel-rt-kvm-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 805f0ca30bb4742982db89779da0b8a5329f7aa1635a674ab4b9957fa83d5926
kernel-rt-kvm-debuginfo-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 57bded5e146fe16e3cad9656a56731b163e387496c026018aab65d8e9ab00e5f
kernel-rt-trace-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: f2584938c3f6ba41553847d2f1a8048ed45cc8e12f61fdec47a2cc21832612aa
kernel-rt-trace-debuginfo-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: ed4c790dc668faf374d18c7ecf4be2bd6cf2dc2d2117fd1970be26b83b7732ba
kernel-rt-trace-devel-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 2b9d720f2f21ae6b613646c39c44b903010876d8f6cc11a57cf7dcd017965143
kernel-rt-trace-kvm-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 870fd63431e9c51c97b45543686b7329259fe51f83afa2b0615ce355b0c9c1a4
kernel-rt-trace-kvm-debuginfo-3.10.0-1160.88.1.rt56.1233.el7.x86_64.rpm SHA-256: 5711c72ffe6d7200a2e5c158b75a680e327bf6815a1eedb6232da5cef6efad6a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.