Red Hat Product Errata RHSA-2023:7734 - Security Advisory
Issued:
2023-12-12
Updated:
2023-12-12

RHSA-2023:7734 - Security Advisory

Synopsis

Important: kpatch-patch security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for kpatch-patch is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.

Security Fix(es):

  • kernel: use-after-free vulnerability in the smb client component (CVE-2023-5345)
  • kernel: IGB driver inadequate buffer size for frames larger than MTU (CVE-2023-45871)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64

Fixes

  • BZ - 2242172 - CVE-2023-5345 kernel: use-after-free vulnerability in the smb client component
  • BZ - 2244723 - CVE-2023-45871 kernel: IGB driver inadequate buffer size for frames larger than MTU

Red Hat Enterprise Linux for x86_64 9

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
x86_64
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.x86_64.rpm SHA-256: fd948ca2ae182d7df15836bf5519ce4287c857cc5b557703541b4d25b8f425e8
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.x86_64.rpm SHA-256: b92190b7d5c4b62e1951a3fd7d3c1debd04ab4c5851784845471077784440002
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.x86_64.rpm SHA-256: 81b18f9e4e5a0b4b022af06b5059e91262b6e71261695d343e25608cc6bf5253

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
x86_64
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.x86_64.rpm SHA-256: fd948ca2ae182d7df15836bf5519ce4287c857cc5b557703541b4d25b8f425e8
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.x86_64.rpm SHA-256: b92190b7d5c4b62e1951a3fd7d3c1debd04ab4c5851784845471077784440002
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.x86_64.rpm SHA-256: 81b18f9e4e5a0b4b022af06b5059e91262b6e71261695d343e25608cc6bf5253

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
x86_64
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.x86_64.rpm SHA-256: fd948ca2ae182d7df15836bf5519ce4287c857cc5b557703541b4d25b8f425e8
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.x86_64.rpm SHA-256: b92190b7d5c4b62e1951a3fd7d3c1debd04ab4c5851784845471077784440002
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.x86_64.rpm SHA-256: 81b18f9e4e5a0b4b022af06b5059e91262b6e71261695d343e25608cc6bf5253

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
x86_64
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.x86_64.rpm SHA-256: fd948ca2ae182d7df15836bf5519ce4287c857cc5b557703541b4d25b8f425e8
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.x86_64.rpm SHA-256: b92190b7d5c4b62e1951a3fd7d3c1debd04ab4c5851784845471077784440002
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.x86_64.rpm SHA-256: 81b18f9e4e5a0b4b022af06b5059e91262b6e71261695d343e25608cc6bf5253

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
x86_64
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.x86_64.rpm SHA-256: fd948ca2ae182d7df15836bf5519ce4287c857cc5b557703541b4d25b8f425e8
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.x86_64.rpm SHA-256: b92190b7d5c4b62e1951a3fd7d3c1debd04ab4c5851784845471077784440002
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.x86_64.rpm SHA-256: 81b18f9e4e5a0b4b022af06b5059e91262b6e71261695d343e25608cc6bf5253

Red Hat Enterprise Linux for Power, little endian 9

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
ppc64le
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.ppc64le.rpm SHA-256: 919d3cc769cfab52e797f6e7e2437802aa76130932d4064513ac277700c6f983
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.ppc64le.rpm SHA-256: 09584b8d1776cbf7e003f069827603c45bcae7a4b58aae1262ba8fa61e3c0422
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.ppc64le.rpm SHA-256: d1bb2e9e9ee7e3f09cbd3d36421e93c27b2f1314673e2e1adf0db16e74568ef3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
ppc64le
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.ppc64le.rpm SHA-256: 919d3cc769cfab52e797f6e7e2437802aa76130932d4064513ac277700c6f983
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.ppc64le.rpm SHA-256: 09584b8d1776cbf7e003f069827603c45bcae7a4b58aae1262ba8fa61e3c0422
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.ppc64le.rpm SHA-256: d1bb2e9e9ee7e3f09cbd3d36421e93c27b2f1314673e2e1adf0db16e74568ef3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
ppc64le
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.ppc64le.rpm SHA-256: 919d3cc769cfab52e797f6e7e2437802aa76130932d4064513ac277700c6f983
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.ppc64le.rpm SHA-256: 09584b8d1776cbf7e003f069827603c45bcae7a4b58aae1262ba8fa61e3c0422
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.ppc64le.rpm SHA-256: d1bb2e9e9ee7e3f09cbd3d36421e93c27b2f1314673e2e1adf0db16e74568ef3

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
ppc64le
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.ppc64le.rpm SHA-256: 919d3cc769cfab52e797f6e7e2437802aa76130932d4064513ac277700c6f983
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.ppc64le.rpm SHA-256: 09584b8d1776cbf7e003f069827603c45bcae7a4b58aae1262ba8fa61e3c0422
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.ppc64le.rpm SHA-256: d1bb2e9e9ee7e3f09cbd3d36421e93c27b2f1314673e2e1adf0db16e74568ef3

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
ppc64le
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.ppc64le.rpm SHA-256: 919d3cc769cfab52e797f6e7e2437802aa76130932d4064513ac277700c6f983
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.ppc64le.rpm SHA-256: 09584b8d1776cbf7e003f069827603c45bcae7a4b58aae1262ba8fa61e3c0422
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.ppc64le.rpm SHA-256: d1bb2e9e9ee7e3f09cbd3d36421e93c27b2f1314673e2e1adf0db16e74568ef3

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
x86_64
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.x86_64.rpm SHA-256: fd948ca2ae182d7df15836bf5519ce4287c857cc5b557703541b4d25b8f425e8
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.x86_64.rpm SHA-256: b92190b7d5c4b62e1951a3fd7d3c1debd04ab4c5851784845471077784440002
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.x86_64.rpm SHA-256: 81b18f9e4e5a0b4b022af06b5059e91262b6e71261695d343e25608cc6bf5253

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.src.rpm SHA-256: fe7292726df34b0de9dc1015fb43c5fcdad428e89cbadb2da2fcbef1b80450bd
x86_64
kpatch-patch-5_14_0-362_8_1-1-1.el9_3.x86_64.rpm SHA-256: fd948ca2ae182d7df15836bf5519ce4287c857cc5b557703541b4d25b8f425e8
kpatch-patch-5_14_0-362_8_1-debuginfo-1-1.el9_3.x86_64.rpm SHA-256: b92190b7d5c4b62e1951a3fd7d3c1debd04ab4c5851784845471077784440002
kpatch-patch-5_14_0-362_8_1-debugsource-1-1.el9_3.x86_64.rpm SHA-256: 81b18f9e4e5a0b4b022af06b5059e91262b6e71261695d343e25608cc6bf5253

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.