- Issued:
- 2023-04-11
- Updated:
- 2023-04-11
RHSA-2023:1691 - Security Advisory
Synopsis
Important: kernel-rt security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for kernel-rt is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
Security Fix(es):
- kernel: FUSE filesystem low-privileged user privileges escalation (CVE-2023-0386)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
- kernel-rt: update RT source tree to the latest RHEL-9.1.z3 Batch (BZ#2182066)
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
The system must be rebooted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for Real Time 9 x86_64
- Red Hat Enterprise Linux for Real Time for NFV 9 x86_64
- Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.4 x86_64
- Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2 x86_64
- Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.4 x86_64
- Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2 x86_64
Fixes
- BZ - 2159505 - CVE-2023-0386 kernel: FUSE filesystem low-privileged user privileges escalation
CVEs
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux for Real Time 9
| SRPM | |
|---|---|
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.src.rpm | SHA-256: b3dc17baa7cfd5b29823a2982d5212bbd4b2869a2f455d418908645f08d2b591 |
| x86_64 | |
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: c85a9d654b2510f2d5046d0b4a88f203bdd627248bbe3e8b9ae68f704fe75bce |
| kernel-rt-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 80c6525226812c5a41b098cc74c5724d505588cc06a19b2e70fe44bdff243764 |
| kernel-rt-debug-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 20b2d1799c8d9132e3ff4ffa7b090f26a16521b7473d8cced91addcca304662f |
| kernel-rt-debug-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4e6bfe16cb9207c827287b96f5d4378f8c3b5d5a8d1426b819b3bada27723b0a |
| kernel-rt-debug-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 38e7a67f9455d53604db3ce1759727ec4df0b83f9d3beeed4e0331448237b70b |
| kernel-rt-debug-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c9e8d4f5d4fd54e68c93a2e6d4bae786c8ce2a95d416ae16f4a714b23300b12 |
| kernel-rt-debug-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 501d9e6a095e84fc9ca68ce611bc264caaa670765c4ce743771e4764150402f1 |
| kernel-rt-debug-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: d989a92bb508fa8275d69aad54bc9ed54b1e8c3821296666c22f05a1a52667d1 |
| kernel-rt-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c1453b0c141266b8a232c9735f6c3b1ab940a08699a35be327e1bbaa38defcd |
| kernel-rt-debuginfo-common-x86_64-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 5cf979018797cab9db0bdd33c7c5a11c36751da2d693f9d560f36b66c6be7ba8 |
| kernel-rt-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 055e928c68f9ca86439ec9be60157a0255b3092912839e7c0cf3aa06dc9b570d |
| kernel-rt-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 1a6652b342892f4d9660a19623b5047ed7d50df10e8075ce32d4488883ebee3e |
| kernel-rt-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: dccd8d908c09bc58d245d4f54ce65bb8805753644dbefe17a745543d455a3c0a |
Red Hat Enterprise Linux for Real Time for NFV 9
| SRPM | |
|---|---|
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.src.rpm | SHA-256: b3dc17baa7cfd5b29823a2982d5212bbd4b2869a2f455d418908645f08d2b591 |
| x86_64 | |
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: c85a9d654b2510f2d5046d0b4a88f203bdd627248bbe3e8b9ae68f704fe75bce |
| kernel-rt-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 80c6525226812c5a41b098cc74c5724d505588cc06a19b2e70fe44bdff243764 |
| kernel-rt-debug-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 20b2d1799c8d9132e3ff4ffa7b090f26a16521b7473d8cced91addcca304662f |
| kernel-rt-debug-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4e6bfe16cb9207c827287b96f5d4378f8c3b5d5a8d1426b819b3bada27723b0a |
| kernel-rt-debug-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 38e7a67f9455d53604db3ce1759727ec4df0b83f9d3beeed4e0331448237b70b |
| kernel-rt-debug-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c9e8d4f5d4fd54e68c93a2e6d4bae786c8ce2a95d416ae16f4a714b23300b12 |
| kernel-rt-debug-kvm-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: e3aa442b54a58a37b01e20817961edba4dbd7dda511e1e8dbf011813bc6c1f32 |
| kernel-rt-debug-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 501d9e6a095e84fc9ca68ce611bc264caaa670765c4ce743771e4764150402f1 |
| kernel-rt-debug-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: d989a92bb508fa8275d69aad54bc9ed54b1e8c3821296666c22f05a1a52667d1 |
| kernel-rt-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c1453b0c141266b8a232c9735f6c3b1ab940a08699a35be327e1bbaa38defcd |
| kernel-rt-debuginfo-common-x86_64-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 5cf979018797cab9db0bdd33c7c5a11c36751da2d693f9d560f36b66c6be7ba8 |
| kernel-rt-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 055e928c68f9ca86439ec9be60157a0255b3092912839e7c0cf3aa06dc9b570d |
| kernel-rt-kvm-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 38c23f26aed9c0328344091c95cbb9aaf7cc644708a20ba2befaa2f387550bfc |
| kernel-rt-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 1a6652b342892f4d9660a19623b5047ed7d50df10e8075ce32d4488883ebee3e |
| kernel-rt-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: dccd8d908c09bc58d245d4f54ce65bb8805753644dbefe17a745543d455a3c0a |
Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.4
| SRPM | |
|---|---|
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.src.rpm | SHA-256: b3dc17baa7cfd5b29823a2982d5212bbd4b2869a2f455d418908645f08d2b591 |
| x86_64 | |
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: c85a9d654b2510f2d5046d0b4a88f203bdd627248bbe3e8b9ae68f704fe75bce |
| kernel-rt-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 80c6525226812c5a41b098cc74c5724d505588cc06a19b2e70fe44bdff243764 |
| kernel-rt-debug-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 20b2d1799c8d9132e3ff4ffa7b090f26a16521b7473d8cced91addcca304662f |
| kernel-rt-debug-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4e6bfe16cb9207c827287b96f5d4378f8c3b5d5a8d1426b819b3bada27723b0a |
| kernel-rt-debug-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 38e7a67f9455d53604db3ce1759727ec4df0b83f9d3beeed4e0331448237b70b |
| kernel-rt-debug-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c9e8d4f5d4fd54e68c93a2e6d4bae786c8ce2a95d416ae16f4a714b23300b12 |
| kernel-rt-debug-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 501d9e6a095e84fc9ca68ce611bc264caaa670765c4ce743771e4764150402f1 |
| kernel-rt-debug-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: d989a92bb508fa8275d69aad54bc9ed54b1e8c3821296666c22f05a1a52667d1 |
| kernel-rt-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c1453b0c141266b8a232c9735f6c3b1ab940a08699a35be327e1bbaa38defcd |
| kernel-rt-debuginfo-common-x86_64-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 5cf979018797cab9db0bdd33c7c5a11c36751da2d693f9d560f36b66c6be7ba8 |
| kernel-rt-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 055e928c68f9ca86439ec9be60157a0255b3092912839e7c0cf3aa06dc9b570d |
| kernel-rt-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 1a6652b342892f4d9660a19623b5047ed7d50df10e8075ce32d4488883ebee3e |
| kernel-rt-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: dccd8d908c09bc58d245d4f54ce65bb8805753644dbefe17a745543d455a3c0a |
Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2
| SRPM | |
|---|---|
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.src.rpm | SHA-256: b3dc17baa7cfd5b29823a2982d5212bbd4b2869a2f455d418908645f08d2b591 |
| x86_64 | |
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: c85a9d654b2510f2d5046d0b4a88f203bdd627248bbe3e8b9ae68f704fe75bce |
| kernel-rt-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 80c6525226812c5a41b098cc74c5724d505588cc06a19b2e70fe44bdff243764 |
| kernel-rt-debug-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 20b2d1799c8d9132e3ff4ffa7b090f26a16521b7473d8cced91addcca304662f |
| kernel-rt-debug-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4e6bfe16cb9207c827287b96f5d4378f8c3b5d5a8d1426b819b3bada27723b0a |
| kernel-rt-debug-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 38e7a67f9455d53604db3ce1759727ec4df0b83f9d3beeed4e0331448237b70b |
| kernel-rt-debug-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c9e8d4f5d4fd54e68c93a2e6d4bae786c8ce2a95d416ae16f4a714b23300b12 |
| kernel-rt-debug-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 501d9e6a095e84fc9ca68ce611bc264caaa670765c4ce743771e4764150402f1 |
| kernel-rt-debug-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: d989a92bb508fa8275d69aad54bc9ed54b1e8c3821296666c22f05a1a52667d1 |
| kernel-rt-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c1453b0c141266b8a232c9735f6c3b1ab940a08699a35be327e1bbaa38defcd |
| kernel-rt-debuginfo-common-x86_64-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 5cf979018797cab9db0bdd33c7c5a11c36751da2d693f9d560f36b66c6be7ba8 |
| kernel-rt-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 055e928c68f9ca86439ec9be60157a0255b3092912839e7c0cf3aa06dc9b570d |
| kernel-rt-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 1a6652b342892f4d9660a19623b5047ed7d50df10e8075ce32d4488883ebee3e |
| kernel-rt-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: dccd8d908c09bc58d245d4f54ce65bb8805753644dbefe17a745543d455a3c0a |
Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.4
| SRPM | |
|---|---|
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.src.rpm | SHA-256: b3dc17baa7cfd5b29823a2982d5212bbd4b2869a2f455d418908645f08d2b591 |
| x86_64 | |
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: c85a9d654b2510f2d5046d0b4a88f203bdd627248bbe3e8b9ae68f704fe75bce |
| kernel-rt-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 80c6525226812c5a41b098cc74c5724d505588cc06a19b2e70fe44bdff243764 |
| kernel-rt-debug-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 20b2d1799c8d9132e3ff4ffa7b090f26a16521b7473d8cced91addcca304662f |
| kernel-rt-debug-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4e6bfe16cb9207c827287b96f5d4378f8c3b5d5a8d1426b819b3bada27723b0a |
| kernel-rt-debug-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 38e7a67f9455d53604db3ce1759727ec4df0b83f9d3beeed4e0331448237b70b |
| kernel-rt-debug-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c9e8d4f5d4fd54e68c93a2e6d4bae786c8ce2a95d416ae16f4a714b23300b12 |
| kernel-rt-debug-kvm-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: e3aa442b54a58a37b01e20817961edba4dbd7dda511e1e8dbf011813bc6c1f32 |
| kernel-rt-debug-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 501d9e6a095e84fc9ca68ce611bc264caaa670765c4ce743771e4764150402f1 |
| kernel-rt-debug-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: d989a92bb508fa8275d69aad54bc9ed54b1e8c3821296666c22f05a1a52667d1 |
| kernel-rt-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c1453b0c141266b8a232c9735f6c3b1ab940a08699a35be327e1bbaa38defcd |
| kernel-rt-debuginfo-common-x86_64-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 5cf979018797cab9db0bdd33c7c5a11c36751da2d693f9d560f36b66c6be7ba8 |
| kernel-rt-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 055e928c68f9ca86439ec9be60157a0255b3092912839e7c0cf3aa06dc9b570d |
| kernel-rt-kvm-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 38c23f26aed9c0328344091c95cbb9aaf7cc644708a20ba2befaa2f387550bfc |
| kernel-rt-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 1a6652b342892f4d9660a19623b5047ed7d50df10e8075ce32d4488883ebee3e |
| kernel-rt-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: dccd8d908c09bc58d245d4f54ce65bb8805753644dbefe17a745543d455a3c0a |
Red Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2
| SRPM | |
|---|---|
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.src.rpm | SHA-256: b3dc17baa7cfd5b29823a2982d5212bbd4b2869a2f455d418908645f08d2b591 |
| x86_64 | |
| kernel-rt-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: c85a9d654b2510f2d5046d0b4a88f203bdd627248bbe3e8b9ae68f704fe75bce |
| kernel-rt-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 80c6525226812c5a41b098cc74c5724d505588cc06a19b2e70fe44bdff243764 |
| kernel-rt-debug-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 20b2d1799c8d9132e3ff4ffa7b090f26a16521b7473d8cced91addcca304662f |
| kernel-rt-debug-core-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4e6bfe16cb9207c827287b96f5d4378f8c3b5d5a8d1426b819b3bada27723b0a |
| kernel-rt-debug-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 38e7a67f9455d53604db3ce1759727ec4df0b83f9d3beeed4e0331448237b70b |
| kernel-rt-debug-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c9e8d4f5d4fd54e68c93a2e6d4bae786c8ce2a95d416ae16f4a714b23300b12 |
| kernel-rt-debug-kvm-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: e3aa442b54a58a37b01e20817961edba4dbd7dda511e1e8dbf011813bc6c1f32 |
| kernel-rt-debug-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 501d9e6a095e84fc9ca68ce611bc264caaa670765c4ce743771e4764150402f1 |
| kernel-rt-debug-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: d989a92bb508fa8275d69aad54bc9ed54b1e8c3821296666c22f05a1a52667d1 |
| kernel-rt-debuginfo-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 4c1453b0c141266b8a232c9735f6c3b1ab940a08699a35be327e1bbaa38defcd |
| kernel-rt-debuginfo-common-x86_64-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 5cf979018797cab9db0bdd33c7c5a11c36751da2d693f9d560f36b66c6be7ba8 |
| kernel-rt-devel-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 055e928c68f9ca86439ec9be60157a0255b3092912839e7c0cf3aa06dc9b570d |
| kernel-rt-kvm-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 38c23f26aed9c0328344091c95cbb9aaf7cc644708a20ba2befaa2f387550bfc |
| kernel-rt-modules-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: 1a6652b342892f4d9660a19623b5047ed7d50df10e8075ce32d4488883ebee3e |
| kernel-rt-modules-extra-5.14.0-162.23.1.rt21.186.el9_1.x86_64.rpm | SHA-256: dccd8d908c09bc58d245d4f54ce65bb8805753644dbefe17a745543d455a3c0a |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
